Hollywood, CA (May 3, 2017)—Orange is the new hack for Netflix and audio post production facility Larson Studios, as hackers released the first 10 episodes from the next season of Orange is the New Black this past weekend after failing to extort a ransom from the two companies.
While the 2014 hack of Sony Pictures may have served as a wake-up call for the larger entertainment content studios to tighten up security, this latest breach highlights the vulnerability of smaller third-party vendors. Larson Studios, which maintains two multi-room mix and editorial facilities in Hollywood, lists 11 staff on its website.
According to reports, the hackers, a group operating under the name thedarkoverlord, gained access to Larson’s network toward the end of 2016. The file names of the episodes made available on torrent site the Pirate Bay over the weekend indicate that they were standard-definition H.264 ProRes Proxy workprints suitable for offline editorial (and dated September 2016).
While it might be assumed that thedarkoverlord is specifically targeting Hollywood, the hackers appear simply to be interested in monetary gain, whatever the source. The group’s name had previously been linked with data breaches and ransom demands at a construction company, a glue manufacturer, and a number of health services organizations over the past year or so.
During an exchange with DataBreaches.net, thedarkoverlord stated that its only motivation is its “greed for internet money.” The group initially demanded a bitcoin ransom from Larson Studios at the end of 2016, but after the studio failed to pay on time it turned its attention to Netflix, stipulating a deadline of January 31, 2017.
The streamer appears to have ignored the group. “Our proposals went unanswered so our hands have been forced,” wrote thedarkoverlord in a communication with DataBreaches.net.
Netflix has released a statement: “We are aware of the situation. A production vendor used by several major TV studios had its security compromised and the appropriate law enforcement authorities are involved.”
According to the New York Times on April 29, “The Federal Bureau of Investigation learned of the episode at Larson Studios in January but did not start notifying the content companies until a month ago.” The first 10 episodes of Orange, nearly 12 GB of content, appeared on Pirate Bay the following day. The final three episodes of season 5 are missing, perhaps because the hack occurred before they were sent to Larson for audio post services.
Orange is not the only series stolen by the group, which claims to also have new seasons of series from various other networks in its possession. According to DataBreaches.net, a list provided by thedarkoverlord also included Bill Nye Saves the World (Netflix), Brockmire (IFC), NCIS Los Angeles (CBS), Celebrity Apprentice (NBC), It’s Always Sunny in Philadelphia (FXX) and many others. Some of those series have already aired, at least partially. All five of those named shows are included on the list of recently mixed projects posted on Larson’s website.