Another media company cyber-attack. Another opportunity to increase the amount of ransom and extortion attacks perpetrated by cyber-criminals.
The disclosure of 1.5 terabytes of data stolen from the HBO servers is being compared to the Sony hack of 2014. While there are similarities – personal information taken and released along with the threat of content (Game of Thrones, Ballers, Insecure, Room 104 and perhaps more) – it is important to recognize that the HBO situation did NOT involve the destruction of data and did NOT create a situation where HBO had any of its servers erased. While the information stolen from HBO is seven times the size of what was stolen from Sony, there was no impact upon processing.
Compare this to April 2017, when Netflix revealed a similar theft of materials (Orange is the New Black). The hackers then claimed to have stolen materials from ABC, Fox, National Geographic and IFC. The theft from Netflix actually was the result of penetrating a vendor, post-production company Larson Studios, which highlighted that a weakness in an organizations supply chain can result in the same degree of damage had the incident occurred at the organization’s site itself.
While it will take weeks and maybe months to see what the cyber-criminals do with the information and what the damage will eventually be, compared to the $300 million loss claimed by Sony, the HBO hack again highlights the issue of confidentiality and lack of safeguards that currently exist. What is clear is that stronger measures must be taken.