Before moving shifting focus to Hollywood, the hacker or hacking outfit that operates under the alias "TheDarkOverlord" was notoriously known for various data breach incidences in multiple organizations, including Gorilla Glue, at least three healthcare companies and a small cancer charity known as the Little Red Door Cancer Services of East Central Indiana.
TheDarkOverlord has now turned to Hollywood, where the jobs are a little lighter and the payoff is a bit more lucrative. The latest exploits of the hacker/hacking outfit resulted in a data breach from the popular movie and TV show streaming service Netflix.
Reliable sources pinpointed the origin of the breach to Larson Studios, a post-production company tasked with tailoring the fifth season of Netflix's hit TV show Orange is the New Black for HD television.
The data breach, which happened last month, resulted in the theft of the first ten episodes of the TV show, which TheDarkOverlord initially leveraged for a ransom of 30 BTC ($45,000).
The hacker/hacking group also took that opportunity to reveal that they were in possession of unreleased content from some of Larson Studios' other big-name clients, a list which included National Geographic, ABC, Fox and IFC.
Similarly, they demanded a ransom from the companies to avoid the premature release of their stolen content.
TheDarkOverlord ended up leaking ten episodes from the fifth season of Netflix's Orange is the New Black after the movie streaming service allegedly refused to meet their demands.
The official release date of the TV series hasn't yet been pushed up following the data breach and so far, no one seems to be reacting to the actions of theDarkOverlord.
When prompted for a comment, Netflix responded saying that they were aware of the situation and had delegated it to the appropriate law enforcement authorities.
Larson Studios, on the other hand, have yet to issue a statement regarding the breach.
TheDarkOverlord seems to be prepared for another major leak of unreleased content they stole from the Larson Studios data breach. The hacker/hacking group has reportedly been dropping hints that another leak is imminent, via their Twitter account.
Hollywood Studios Not Prepared to PayDespite the potential threat to their revenue and viewers, Hollywood studios are not prepared to indulge TheDarkOverlord in their ransom demands.
Area 1 chief executive Oren Falkowitz believes that although top name Hollywood studios remain well-protected by reputable security firms, the same cannot be said to the vendors tasked with handling content from their studios.
According to him, the Larson Studios data breach was a prime example of how the weak security of film production vendors adversely affected the security of these top-notch production studios in Hollywood.
This fact was corroborated by a risk intelligence company known as RiskVision, which revealed that an estimated 80 percent of data breach incidents affect low-level suppliers and vendors.
The trend is, however, neither limited to Hollywood nor is it new. In 2014, Target suffered a major data breach in which tens of millions of sensitive credit card details were stolen by hackers.
Subsequent investigations revealed the entry point of the attacks to be a small Pittsburg refrigeration company whose stolen credentials wereused to penetrate Target's security.
TheDarkOverlord's Affinity for Health Care CompaniesPrevious data breach incidents have been linked to TheDarkOverlord. Last summer, the hacker/hacking outfit took credit for breaches that occurred in at least three health care organizations and a health insurance company.
This time, the fruits of the breach were not leveraged for ransom. Instead, TheDarkOverlord attempted to sell the cache of stolen data on a dark web marketplace known as TheRealDeal for prices ranging between $96,000 and $490,000.
In the case of the cancer charity's data breach, a ransom of 50 BTC ($91,000) was demanded in futility.
The hacker/hacking outfit's entry to the Hollywood scene has alerted Hollywood studios about the need to cover all their bases, especially when sensitive information is involved.
Disclaimer:
You need to enable JavaScript to vote