[BreachExchange] HBO hacked: Upcoming episodes, Game of Thrones data leaked online

Audrey McNeil audrey at riskbasedsecurity.com
Mon Jul 31 21:21:51 EDT 2017


http://ew.com/tv/2017/07/31/hbo-hacked-game-of-thrones/

HBO has joined the ranks of Hollywood entertainment companies to suffer a
major cyber attack.

EW has learned that upcoming episodes of a couple series and at least one
alleged script or treatment have been put online by hackers who breached
the company’s systems — with more threatened to be coming soon.

“HBO recently experienced a cyber incident, which resulted in the
compromise of proprietary information,” the network confirmed in a
statement. “We immediately began investigating the incident and are working
with law enforcement and outside cybersecurity firms. Data protection is a
top priority at HBO, and we take seriously our responsibility to protect
the data we hold.”

Hackers claimed to have obtained 1.5 terabytes of data from the company. So
far, an upcoming episode of Ballers and Room 104 have apparently been put
online. There is also written material that’s allegedly from next week’s
fourth episode of Game of Thrones. More is promised to be “coming soon.”

HBO is not commenting on what content might have been stolen, confirming
specific titles or the amount of data accessed. This morning, HBO chairman
and CEO Richard Plepler sent an email to HBO employees alerting them of the
breach.

“As most of you have probably heard by now, there has been a cyber incident
directed at the company which has resulted in some stolen proprietary
information, including some of our programming,” he wrote. “Any intrusion
of this nature is obviously disruptive, unsettling, and disturbing for all
of us. I can assure you that senior leadership and our extraordinary
technology team, along with outside experts, are working round the clock to
protect our collective interests. The efforts across multiple departments
have been nothing short of herculean. It is a textbook example of
quintessential HBO teamwork. The problem before us is unfortunately all too
familiar in the world we now find ourselves a part of. As has been the case
with any challenge we have ever faced, I have absolutely no doubt that we
will navigate our way through this successfully.”

On Sunday, an anonymous email was sent to many reporters announcing the
hack: “Hi to all mankind. The greatest leak of cyber space era is
happening. What’s its name? Oh I forget to tell. Its HBO and Game of
Thrones……!!!!!! You are lucky to be the first pioneers to witness and
download the leak. Enjoy it & spread the words. Whoever spreads well, we
will have an interview with him. HBO is falling.”

It’s not clear if the hackers actually have what would be the crown jewel
target for an HBO cyber breach — upcoming episodes of the company’s biggest
hit, Game of Thrones. So far, no GoT episodes have leaked.

In April, a hacker penetrated Netflix to release episodes from season 5 of
Orange Is the New Black ahead of its summer return. And in May, a hacker
claimed to have stolen Pirates of the Caribbean: Dead Men Tell No Tales,
but Disney chief Bob Iger later said the threat was a hoax. The biggest
Hollywood hack victim was Sony in 2014, where approximately 100 terabytes
of data was uploaded online (versus the 1.5 TB claimed in the HBO attack).

For years, HBO has fought a cyber-battle to keep Game of Thrones storylines
secret and the show’s content from being illegally distributed —
particularly before episodes air. In season 5, the first four episodes
leaked online before the show’s season premiere after review DVDs that were
sent to the press and industry insiders. HBO has since halted the practice
of sending any episodes in advance. That same year, some clips leaked ahead
of time from overseas HBO distributors, and even images of Jon Snow’s death
found their way online before the finale aired. Just a couple weeks ago, a
Thrones trailer to be screened at Comic-Con leaked onto YouTube in advance
of its release. But those incidents were accidental content leaks. This is
the first time the company has been the victim of an actual cyber attack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170731/dd012dbd/attachment.html>


More information about the BreachExchange mailing list