Skip to Main Content
by Phil Stott | December 04, 2014


If you've been paying attention to the news in the past few days, you'll likely have heard something about a data security breach at Sony Pictures—not least because the hack has resulted in several of Sony's current and upcoming movie titles being leaked onto the internet, potentially costing the company millions of dollars in lost revenue.

As bad as that may seem, the full extent of the data involved in the hack is still not apparent, and the worst effects of it may not even be revenue related. For example, one of the earliest documents seized upon by bloggers poring through the Sony trove was a list of some 6,000 salaries of employees at the firm—including top executive salaries.

As Fusion's Kevin Roose noted, there are 17 employees on the list who currently take home more $1 million annually. While there's nothing controversial there, the list of top earners is somewhat lacking on the diversity front—it features just one female, and, according to Roose's numbers, just two non-Caucasians. "In other words," he states, "the upper pay echelon of Sony Pictures is 94 percent male, and 88 percent white"—the kind of stats that "would mean that the top ranks of one major Hollywood studio are perhaps even less diverse than those of Silicon Valley tech companies and large Wall Street banks." (Links retained from original text.)

Nor does the bad news stop with Sony Pictures. Professional services giant Deloitte has also become entangled in the salary data leak in a particularly unfortunate manner. According to a different Fusion post, an HR specialist at Sony Pictures still had files pertaining to their previous role at Deloitte on a computer that was compromised in the hack. Among those files: salary details for some 31,142 (mercifully, for the firm, unnamed) U.S. Deloitte employees, dating to 2005.

The fact that there are no names attached to the data is a saving grace for the firm, as is the fact that the list is almost a decade out of date at this point. However, as an insight into the working of one of the world's largest employers, the cache is unprecedented, and potentially still very problematic for the firm—not least because the information does have titles, locations and gender identifiers tagged to it. That makes it both easier for those in the know to compare their salaries with predecessors and colleagues, and for anyone who is so minded to search for discrepancies between genders.

At present, nothing about the Deloitte end of the hack seems particularly eye-popping to anyone who knows much about the industries in which the firm operates. The top salaries are more or less in line with expectations, while the biggest point that's been made on the discrimination front so far actually stands in the firm's favor: the spreadsheets were part of a study by the firm to determine whether factors such as race or gender could predict salaries—presumably in an effort to guard against discrimination.

If there's anything to be learned from the leak so far, then, it's about data security. As in, there is none. If you work for a company of any repute whatsoever, your details are at risk—especially if that firm happens to fall foul of the North Korean government (the alleged hackers in this case). And, as the Deloitte case proves, even if your own firm's systems are up to par, there's only so much you can do if a former employee doesn't buy a new laptop more than once a decade.

Read More:

Fusion: Hacked documents reveal a Hollywood studio's stunning gender and race gap

Sony pictures hack spreads to Deloitte