In 2014, Sony Pictures endured a devastating cyber attack resulting in the leakage of over 100 Terabytes of confidential data, including personal information, unreleased films, and internal communications. The attackers, masquerading as colleagues, sent phishing emails containing malicious attachments. A specific technique used was a fake Apple ID verification email. By combining data from LinkedIn and exploiting reused Apple ID logins, the attackers guessed passwords for Sony's network. Beyond the immediate financial impact, estimated over $100 million, the breach significantly damaged Sony Pictures' reputation, leading to a reevaluation of cyber security practices across the industry. This incident underscores the critical importance of employing strong, unique passwords for different online services and the need for continual vigilance against phishing attempts.
Source: https://hempsteadny.gov/635/Famous-Phishing-Incidents-from-History
"id": "son441050724",
"linkid": "sony-pictures-entertainment",
"type": "Vulnerability",
"date": "12/2014",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"