[BreachExchange] Vevo Hackers Leak — Then Delete — Huge Trove of Internal Videos, Documents
Audrey McNeil
audrey at riskbasedsecurity.com
Fri Sep 15 14:02:00 EDT 2017
http://variety.com/2017/digital/news/vevo-hack-leak-
documents-videos-1202560068/
A notorious hacker group broke into the servers of music-streaming service
Vevo, releasing more than 3 terabytes of internal documents and video
content online — before removing them later Friday morning at Vevo’s
request.
The purloined cache, posted by hacking and security collective OurMine,
included videos, a batch of documents labeled “premieres,” as well as
marketing info, international social-media documents, and other internal
files, as first reported by tech site Gizmodo.
Vevo confirmed the hack, which it said was the result of a phishing scam
via LinkedIn. “We have addressed the issue and are investigating the extent
of exposure,” Vevo said in a statement.
The 3.12-terabyte trove of stolen documents included Vevo’s internal
dossiers on about 9o artists, including Ariana Grande, Britney Spears,
Calvin Harris, Florida Georgia Line, Jennifer Lopez, Justin Bieber, Katy
Perry, Madonna, One Direction, Sia, Taylor Swift, The Weeknd, and U2.
OurMine, in a post on its site, claimed it leaked the Vevo files late
Thursday after an exchange with a Vevo employee who — upon being informed
of the hack — allegedly told the hackers, “F— off, you don’t have anything.”
In an update Friday morning, OurMine said that “We deleted the files
because of a request from VEVO.”
OurMine over the past few years has targeted numerous companies and
high-profile individuals, ostensibly as a guerrilla-style marketing effort
for its security services.
Last month, OurMine hijacked the social-media accounts of HBO, which
separately this summer was threatened with extortion demands from a hacker
that stole 1.5 TB of the programmer’s files. Other victims have included
Netflix, Marvel, Google, Facebook CEO Mark Zuckerberg and Twitter chief
Jack Dorsey.
New York-based Vevo is jointly owned by Universal Music Group, Sony Music
Entertainment, Warner Music Group, Abu Dhabi Media, and Alphabet (Google’s
parent).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170915/f37d0656/attachment.html>
More information about the BreachExchange
mailing list