An individual or group going by the name "thedarkoverlord" has posted much of the upcoming season of Netflix’s series Orange is the New Black, apparently as punishment for not paying an extortion demand. According to information obtained by Databreaches.net, the episodes were stolen from a post-production studio along with episodes from dozens of other television programs on Netflix and other networks. And the person or people behind the breach are not attempting to further extort the networks that distribute the programs.
Whoever is behind "thedarkoverlord" has breached a number of small and mid-sized organizations’ networks over the past year, apparently by exploiting common vulnerabilities in their websites to gain access. In each case, according to Twitter posts and Pastebin notes by the hacker or hackers, those responsible have posted proof of breaches to GitHub and attempted to extort payments in bitcoins from the victims, threatening to dump customer data and other records if they failed to comply. One target was a US Navy supplier, according to a report from DataBreaches.net (though no sensitive information was part of the breach).
Late last year, thedarkoverlord managed to stumble into a motherlode, apparently gaining access to the network of Larson Studios, an audio post-production company that serves many of the major television production companies. And with that access, it managed to steal nine episodes of the upcoming season of Netflix’s series, Orange is the New Black, and claimed to have accessed content from 36 television series and one film. The group attempted to extort 50 bitcoins from Larson, setting a January deadline. And when that deadline passed, it apparently decided to move on to extorting each of the companies producing the content individually.
Source: Risk Assessment – Ars Technica @ May 1, 2017 at 12:19PM