You do have to cut them a little slack, here. If we were talking about a coal mining company or something and terabytes of data going out the door would be pretty unusual, and SEIM systems would be trained to flag that sort of thing.
This is Sony Pictures, though, terabytes probably go out the door all the time. I mean that might be less than a few hours of uncompressed video going to a contractor for post processing or something.
No my bigger question having done this kind of thing for a living now for some time is why would a basically purely IP organization not have effective controls in place, to know what kind of data is going out the door and to put a hard stop to it the moment something that should not be there is spotted.
Ok you can't maybe do that with the aforementioned video data, but you certainly can watch for byte patterns that look like address, SS numbers, e-mails in usually great quantity etc on the wire.
You certainly do not allow anything encrypted to go out unless you MITM it. Could an attacker do something like slap some mpeg headers on top a big encrypted data stream? probably, but they'd have to know to do it.
If my entire world was IP like Sony Pictures id probably take it a few steps further make sure my firewall devices knew the common container formats for various media types and continued to make sure sync bytes and frame markers occur where they ought to, anytime more than a hanful of megabytes of something I can't recognize flowed it would alert and some form the CERT team would pick up the phone a call whoever it was associated with that source IP. No attribution shut it down, no explanation shut it down.
The hardware and software to do this is commercially available, more or less off the shelf and has been for at least five or seven years now.