A Hollywood production studio has found itself the unwitting victim of a notorious group of hackers who have specialised in breaking into organisations and stealing large amounts of data.
Line 204, whose sound stages have hosted the likes of Nicole Kidman, Britney Spears, Katie Holmes, Jennifer Lopez, Quentin Tarantino, Ridley Scott, and others says that it has called in the FBI, after hackers broke into the studio’s computer systems and stole a client database.
Line 204 is pointing a finger of blame at the notorious Dark Overlord hacking group, which has made a habit of stealing gigabytes of corporate data, and then threatening to share it with the media (or worse still, publish it on the internet) unless a ransom is paid.
In a statement, Line 204 CEO Alton Butler suggested that the hack occurred last week:
“I can confirm that Line 204 was a victim of an international cyberattack organization, on Thursday, Oct. 26, 2017. This group has hit other studios in the past year and is trying to continue their destructive path with Line 204. We immediately took measures to minimize the damages and block further invasion to protect the information of our company and clients.”
However, DataBreaches.net, which has been closely monitoring the activities of the Dark Overlord gang, believes that the breach occurred at least a month earlier.
Sure enough, the hackers have been tweeting since late September that they have breached another Hollywood studio.
What changed last week is that The Dark Overlord became more explicit about who it had breached.
So, maybe the truth is not that Line 204 suffered an attack last week – but rather that it only became aware that its systems had been breached last week.
What’s clear is that the list of organisations that have found themselves in the unpleasant position of receiving an extortion demand from The Dark Overlord keeps getting longer. Educating users about phishing scams, strong authentication, best practices, regular vulnerability patching, and layered security can help reduce the risk that a firm will be successfully hacked – and avoid putting the privacy of innocent customers at risk.