A hacking gang posted 3.12 terabytes of VEVO’s internal files online, after the company told them to “f–k off”.
The cache of files belonging to the music and video service appeared on 15 September 2017. Included in the data leak were office documents, promotional materials, and other items pertaining to approximately 90 well-known pop artists including Calvin Harris and Taylor Swift.
One leaked file, for instance, documented how the videos of Katy Perry, who suffered a Twitter hack in 2016, had so far generated 12.2 billion views and attracted a gender-based viewing ratio of 54 percent men to 46 percent women.
But some of the files contained more sensitive data. One included the alarm code for the service’s UK office. Needless to say, VEVO might want to change that code ASAP.
So who was responsible for this hack?
As reported by Gizmodo, the group apparently compromised a VEVO employee account for the single-sign-on (SSO) workplace app Okta. It then contacted the service via LinkedIn about the hack, causing a VEVO employee to reply with a less-than-courteous response.
Well, OurMine didn’t take kindly to those words. So it posted the data online. It doesn’t appear the group wanted to monetize the information, however, as it leaked the information for free and said it’d remove the files if VEVO asked.
The service did eventually ask OurMine to remove the documents, and the hacking gang removed some of the download links. According to Bleeping Computer, just one of the remaining URLs actually links to documents for download.
VEVO has confirmed the hack in a statement provided to Gizmodo:
“We can confirm that Vevo experienced a data breach as a result of a phishing scam via LinkedIn. We have addressed the issue and are investigating the extent of exposure.”
A LinkedIn phishing scam, huh? Let’s hope VEVO makes an effort to conduct phishing education training with its employees going forward. It should also emphasize the importance of employees enabling two-step verification (2SV) on their social media media profiles and other corporate accounts.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.