Sony Pictures and The Interview
A comedy about killing Kim Jong-un triggered the most public corporate hack of the decade, exposing emails, salaries, and unreleased films.
On the morning of November 24, 2014, every screen at Sony Pictures Entertainment booted to the same grinning red skeleton and a message signed "Guardians of Peace". The studio's entire IT estate had been wiped overnight.
Five-act disaster
What followed unfolded like a script. The attackers began leaking caches — first unreleased films, then internal emails, then payroll spreadsheets exposing executive salaries and gender pay gaps, then medical records for employees and their dependents. Each release was timed for maximum tabloid interest.
The proximate cause appeared to be a Seth Rogen comedy called The Interview, whose plot centered on the assassination of Kim Jong-un. Pyongyang had publicly denounced the film as an act of war months before release.
Attribution and aftermath
The FBI named North Korea within weeks, an attribution unusual for its speed and its public confidence. The group behind the operation was later folded into what researchers now broadly label the Lazarus Group — the same constellation of operators tied to the Bangladesh Bank heist and a string of cryptocurrency robberies.
Sony, under public threat of attacks on theaters, briefly cancelled the film's release before reversing course and pushing it out through streaming.
What the chronicle remembers
Sony was the first incident in which a national government appeared to use a cyberattack to censor a foreign cultural product. It also taught corporate boards that the worst part of being breached is often not the breach itself, but what the attacker chooses to publish next.