This past month Sony Entertainment was hit with a massive hack from a group called the “Guardians of Peace” or #GOP. The #GOP recently released the first of a large number of internal documents and emails from Sony employees and executives.
Unfortunately for Sony, the leaked emails do not paint a flattering picture. The emails shine a light onto the sometimes-shady inner workings of a large entertainment company and removes the veneer of glitz and glamour that Hollywood public relations departments work so hard to maintain. The leaked emails show that Sony executives wrote emails to one another disparaging famous actors and writers, emails that contained racist comments about President Obama, and emails that referenced plans to pay off state attorney generals to encourage them to bring lawsuits against Google.
Embarrassing emails from highly paid executives may cause damage to the Sony brand and is fodder for Internet gossip. Unfortunately for the regular Sony employee, the email leaks reveal sensitive and personal information that can cause a great amount of individual suffering and embarrassment.
“The most painful stuff in the Sony cache is a doctor shopping for Ritalin. It’s an email about trying to get pregnant. It’s s***-talking coworkers behind their backs, and people’s credit card log-ins. It’s literally thousands of Social Security numbers laid bare. It’s even the harmless, mundane, trivial stuff that makes up any day’s email load that suddenly feels ugly and raw out in the open, a digital Babadook brought to life by a scorched earth cyberattack.”
These employees are at great risk for identity theft, medical and financial fraud, damage to their reputation, and the possible loss of future employment opportunities.
Lesson 1: Emails are never private
Once you send an email you no longer have control over its contents. There is nothing stopping the recipient from forwarding your email to others. ISPs and companies like Google, Microsoft, and Yahoo routinely scan and read customers’ emails for marketing and advertising purposes. Criminals using malware and phishing schemes could intercept your email and use it to commit fraud or other crimes. There are many ways your email could become exposed.
Always assume that what you write in email may become public.
Lesson 2: Don’t badmouth your coworkers
See Lesson 1. There is no guarantee that the contents of your email will stay private. Maintaining healthy business relationships is a key component for success in any profession. If word gets out that you talk about people behind their backs it will hinder your ability to collaborate successfully with your coworkers and future business interactions may be in jeopardy.
Even if the emails are not malicious in nature they could be taken out of context leading to misunderstandings. You cannot control how others will react to your leaked emails. “Information doesn’t have to be incriminating to be embarrassing; it doesn’t need intent to be cruel.”
Lesson 3: Keep work and personal emails separate
See Lesson 1 and 2. Many Sony employees used their corporate email for personal interactions. It is likely they did not think that the contents of their email would end up on the Internet. In many industries, such as finance, companies routinely search through employees’ email for signs of fraud and other criminal or insider activity, but they can read or use anything sent over company email servers. Organizations may have to turn over email as part of a civil or criminal subpoena or in response to open access laws. In these instances even if you have nothing criminal to hide, your personal communication could be read by others and possibly read aloud into the public court records.
Always use a non-work-related account for personal emails.
Lesson 4: Speak in person or use the phone
If this leak produces a teachable moment it is to take a moment to decide whether it’s better to talk in person or over the phone rather than to use email. Email does not communicate nuance, tone, or body language like a face to face conversation. This is especially true if the topic is sensitive or is related to personal matters such as health or personal finance. An in-person conversation offers a better opportunity for clear and meaningful communications and, unless you have eavesdroppers nearby, you can better control who hears your message.
- theverge.com: Project Goliath: Inside Hollywood’s secret war against Google
- washingtonpost.com A Sony exec cracks jokes about Obama’s race, and eight more bruising revelations from the Sony leak
- gizmodo.com: The Sony Hacks Are Goddamn Terrifying
- cnbc.com: After delay, Sony warns workers about leaked data
- theverge.com: Hackers shut down Sony Pictures’ computers and are blackmailing the studio