Hacker releases Netflix episodes early and threatens other networks

In what comes as a bit of good news for Orange is the New Black fans and bad news to IT pros who fear having their data shared with third parties, a hacker has released 10 episodes of Netflix’s hit series early. The hacker also demanded a ransom to stop the early release of the episodes, which Netflix refused. In a press statement, the online exclusive network said it was aware of the situation. How did it go down?

Netflix and several big name networks like Fox and ABC, share a post-production company, Larson Studios. The vendor specializes in digital mixing that the companies outsource production to. The FBI was aware of the breach back in January, but only recently notified the companies whose data was stolen.

This attack is part of a growing trend, with a 50% uptick in data breaches in general from 2015 to 2016, according to a report conducted by Verizon. But more than that, it shows a concerning vulnerability in the broader cybersecurity network. You may be doing everything you can to bolster your digital security, but what about you company’s partners that it shares data with?

In this case, Netflix and the other networks most likely have impressive IT budgets and top-of-the-line cybersecurity protections in place. But there’s a weak link in the chain with Larson Studios. While attacks can happen to anyone, the post-production company is no doubt the easier target amongst the network giants, as well as the more lucrative one. It holds more than just one studio’s data, managing multiple projects at any given time.

This situation provides an important, if not costly, lesson: When it involves your company’s data, every part of the process needs to be as secure as possible. Revisit vendor contracts and see what protections they offer to ensure that everything possible is being done to protect your company’s sensitive data.

But there’s still more to the Netflix story. The online network was being lambasted by the hacker, a group or individual who goes by thedarkoverlord, over Twitter where the episodes were released.

Thedarkoverlord offered regret that Netflix wasn’t going to be paying the ransom by posting, “You’re going to lose a lot more money in all of this than what our modest offer was.” But the catch is that thedarkoverlord doesn’t have the final three episodes of Orange is the New Black season 5. Those episodes hadn’t been sent to the post-production company by the time the breach occurred.

When caught in these situations, a risk assessment is always invaluable. Thedarkoverlord claims Netflix will be losing money with this early release of episodes. Netflix appears to have weighed its options with a cost analysis against the potential cost of the leak, and decided to tell the hacker no dice.

Not all hacks are created equal, and each should be investigated by an internal response team which should consider the scope of the damage and the financial costs of recovery.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy