Categories: Security

Vevo Hackers Release Then Delete 3TB Of Internal Files

Vevo has acknowledged its systems were breached by a notorious hacker group after more than 3 TB of internal data was released online – and then removed at the company’s request.

The Saudi Arabian-based OurMine group, which claimed responsibility for the hack, claims to breach organisations’ systems in order to demonstrate security weaknesses.

In August, the group caused DNS servers to redirect WikiLeaks traffic to their own server and took over HBO’s Twitter account, while previous targets have included Facebook chief Mark Zuckerberg, Twitter chief Jack Dorsey, Netflix, Marvel, Google, BuzzFeed and TechCrunch.

Files deleted

OurMine sells security services and uses the hacks to publicise its offerings.

In a post on its website the group said it initially contacted Vevo about security issues but was allegedly told by an employee, “Fuck off, you don’t have anything.”

Screenshot from OurMine’s website.

In response, the group initially made about 3.12 TB of files available via a link on its site, but told technology news site Gizmodo it would remove the files if Vevo asked it to do so, and it later said it had complied with such a demand.

“We deleted the files because of a request from VEVO,” OurMine said in a message added to its site on Friday.

The cache reportedly contained a office documents and promotional materials, as well as internal dossiers on about 90 artists including Ariana Grande, Katy Perry, Taylor Swift and U2.

But some of the materials appeared sensitive, with Gizmodo, for instance, publishing a document that appeared to give the code used to deactivate an alarm on the first floor of Vevo’s UK office.

Loading ...

‘LinkedIn scam’

OurMine said it had compromised an employee’s account for the Okta single sign-on service, and Vevo confirmed a member of staff had been hit by a phishing attack.

Vevo said the breach resulted from a “phishing scam via Linkedin”.

“We have addressed the issue and are investigating the extent of exposure,” Vevo stated.

Vevo is a joint venture between the “big three” music labels, Universal Music Group, Sony Music Entertainment and Warner Music Group, and is also part-owned by Abu Dhabi Media and Google parent Alphabet.

In 2014 Sony Pictures Entertainment was hit by hackers who released large amounts of the company’s internal data, and over the summer HBO was threatened with extortion by hackers who claimed to have obtained about 1.5 TB of sensitive files.

The hackers released unaired episodes of popular programmes after HBO failed to pay a ransom of around £5m.

Do you know all about security in 2017? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

13 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

13 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

14 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

16 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

19 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

19 hours ago