Jump to content

Recommended Posts

  • Active Members

wbrsbngifyfyipipp47c.png

 

Another day, another multinational video service brought to its knees by a group of rogue hackers with a bone to pick.

Vevo, the joint venture between Universal Music Group, Sony Music Entertainment, Abu Dhabi Media, Warner Music Group, and Alphabet Inc. (Google’s parent company), was just hacked. Roughly 3.12TB worth of internal files have been posted online, and a couple of the documents reviewed by Gizmodo appear sensitive.

 

The OurMine hacker squad has claimed responsibility for the breach. The group is well known: They hijacked WikiLeaks’ DNS last month shortly after they took over HBO’s Twitter account; last year, they took over Mark Zuckerberg’s Twitter and Pinterest accounts; and they hit both BuzzFeed and TechCrunch not long after that.

The leaked cache contains a wide variety of office documents, videos, and other promotional materials. Based on a cursory review, a majority of the files seemed pretty mild—weekly music charts, pre-planned social media content, and various details about the artists under the record companies’ management.

 

ubxg9eh6btjznfvi4jiz.png

But not all of the material was quite so benign. Vevo’s UK office will probably want to get this alarm code changed as soon as possible:

gzrtljmffzaryxprem0f.jpg

OurMine typically hacks people because, well, it can. The group’s primary goal is demonstrating to companies that they have weak security. In this case, the hackers managed to compromise an employee account for Okta, the single sign-on workplace app. Usually they don’t resort to leaking large caches of files—at least to our knowledge—but in this case it sounds like someone may have pissed them off.

 

In a post late Thursday, OurMine claimed it leaked Vevo’s files after reaching out to one of the company’s employees and being told to “fuck off.” But they informed Gizmodo by email: “If they asked us to remove the files then we will.”

Of course, Sony (one of Vevo’s joint owners) fell victim to a devastating hack in 2014 after a group of hackers calling themselves the “Guardians of Peace” dumped a wealth of its confidential data online. US intelligence agencies pinned the breach on North Korea (one of the hacking group’s demands was that Sony pull The Interview, Seth Rogan’s comedy about a plot to assassinate Kim Jong-Un.)

According to Business Insider, Vevo locked up nearly $200 million in year long ad commitments this year, thanks to artists like Beyonce, Taylor Swift, and Ariana Grande helping generate some 25 million daily views. They might consider spending some of those earnings on beefing up their security. This could’ve been a lot worse.

We’ve reached out to Vevo, Sony, Warner, Universal, and Google for comment. We’ll update if we hear anything back.

 

Update 9/15/17 12:40am ET: Responding to our inquiry, a Vevo spokesperson told Gizmodo that the company “can confirm that Vevo experienced a data breach as a result of a phishing scam via Linkedin. We have addressed the issue and are investigating the extent of exposure.”

 

Via gizmodo.com

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...