In a statement published on Saturday, the company said that an ‘early version' of the screenplay had been stolen and made public by the same hackers who infiltrated the Sony Pictures Entertainment computer system.
These hackers go by the name of the Guardians of Peace (GOP) and are said to have leaked up to 100 terabytes of data so far, and five films (including the unreleased Annie), employee records, passwords and email exchanges.
“Eon Productions, the producers of the James Bond films, learned this morning that an early version of the screenplay for the new Bond film Spectre is amongst the material stolen and illegally made public by hackers who infiltrated the Sony Pictures Entertainment computer system,” reads the statement.
The statement continued: “The screenplay for Spectre is the confidential information of Metro-Goldwyn-Mayer Studios and Danjaq LLC, and is protected by the laws of copyright in the United Kingdom and around the world. It may not (in whole or in part) be published, reproduced, disseminated or otherwise utilised by anyone who obtains a copy of it.
“Metro-Goldwyn-Mayer Studios and Danjaq LLC will take all necessary steps to protect their rights against the persons who stole the screenplay, and against anyone who makes infringing uses of it or attempts to take commercial advantage of confidential property it knows to be stolen.”
Chris Boyd, malware intelligence analyst at Malwarebytes, said that this attack was the latest piece of bad news for Sony and said that the data breaches could ‘almost be the beginning of a Bond film'.
“Sony is receiving repeated body blows from the breach, which is perhaps indicative of the intention to damage the reputation of the company,” he told SCMagazineUK.com via email. “Typically a big company breach is all about stealthy data theft and low profile operations, however in this case the motivation appears focused on creating crippling headlines. It could almost be the beginning of a Bond film itself.”
“It goes to prove that, regardless of sector, there is a vast amount of value in digitally stored intellectual property. Whether this is bank details, blueprints of a new fighter jet or screenplays, if it's not locked down, it's all potential risk points for an attacker to exploit.”
Phil Cracknell, head of security and privacy services at consultancy Company 85, added in an email to SC that hackers will always go after information, no matter how well-guarded this data is.
“It is indeed unfortunate when such ‘secrets' are exposed. (But) that is the nature of the world today. Where there are people who will consume the leaked data, or where the owners will pay to prevent it being exposed then the motivation for either insiders or external attackers to target information of this nature will remain.
“No matter how well safe-guarded data is, there is always an amount of effort or a method that will expose it.”
He added: “It's embarrassing for Sony but I don't think it will cause them any harm in the long term, and look how much media exposure the movie is getting already. Behind most stories like this is the insider threat, if not entirely an insider attack, the common trend is for the external attacker to have been ‘assisted'. I am sure there is more news to come from this as the investigation continues.”
Eon Productions and Sony Pictures Entertainment didn't respond to our requests for comments at the time of writing. In related news, Sony Pictures Entertainment has reportedly warned media outlets to stop using the stolen information as a basis for news stories.
‘Spectre', which is directed by Sam Mendes and starring Daniel Craig, is due to be released on 6 November 2015.