In the recent cybersecurity happenings, HBO's servers have been breached. One of the culprits (the one who got in touch with HBO) goes by the name "Mr. Smith". Apparently, the stolen data is in the shape of files concerning HBO's Game of Thrones show and the people working on it.
The Stolen Data
Mr. Smith claims that his hacker group is in control of 1.5TB of HBO's confidential data and has leaked some of it online probably to prove that the threat is real. HBO has stated that their email system has been breached, it hasn't been completely compromised.
The data dumped online is a total of 3.4GB and consists of various files. Five of Game of Thrones episodes' scripts, legal claims against HBO, tech plans for the future, admin passwords, job offers to a few of the TV network's CEOs, 37,977 emails which appear to belong to the Chief Executive of HBO Richard Plepler, Jessie Cohen's month worth of emails and even personal information regarding the cast. Emilia Clarke, Peter Dinklage, Lena Headey are among the victims of this breach with data such as their personal phone numbers, email and home addresses leaked to the public.
The Ransom and the Hacker Group
The hacker group sent a video "letter" to the CEO Richard Plepler. In the 5-minute video, they warn HBO that unless they pay the ransom demanded within three days all the data stolen will be dumped online. Mr. Smith's hacker group isn't playing around and knowing the sensitivity of the data obtained they're demanding a staggering sum in exchange for it. They claimed that the amount wanted would be equal to what they make in half a year, which they claim is $6m. Fundamentally, the hacker group hints at HBO that they make around $12m annually which would mean that they are a considerable threat and are to be taken seriously. Furthermore, they claimed that before hitting HBO, there have been 16 more companies to fall victim to their attacks of which just three haven't paid up. In the video, the attackers state that the breach took them 6 months to complete and that their annual expenses for purchasing zero-day exploits (which are even unfamiliar to Windows) would be around $500,000. These "exploits" are basically unintentionally left loopholes in software which could be used to compromise a system.
Blatant Attacks on Film and TV Industry
It seems that the film and TV industry is becoming the target of high-tier cyber criminals. Earlier this year Netflix was targeted by hackers who dumped a whole new season of their original series Orange Is the New Black because the company refused to pay the attackers 50 Bitcoins (around $170,000). Back in May Disney was hit. Hackers stole the latest film from the Pirate of the Caribbean's saga – Dead Men Tell No Tales and Cars. After Disney refusing to pay the ransom, ironically, the film was leaked on the torrent website The Pirate Bay.
HBO is working on the incident with the cooperation of malware researchers and the appropriate law enforcement departments.