After a hostile interaction between a Vevo employee and a member of the hacking group, OurMine, the hackers retaliated by making their files public.
This week hacking group OurMine managed to infiltrate private files from the video service, Vevo. These files were taken from their internal network.
The attack reportedly followed after an employee from Vevo was disrespectful to an OurMine member on LinkedIn. The private information and data was made public on OurMine’s website earlier this week, in the form of downloadable links. The total amount of leaked files is considered to be a total of around 3.12TB of data.
By now most of the links have been removed, even though the web page hosting the links appeared to the public only a short time ago.
Currently most links only direct to a Vevo Box.com login. According to OurMine’s website, they complied with a request from Vevo to remove the links. At this point, only five of the six links are available for downloading, and of these five links only one actually, has any data.
According to sources the only people who have actually seen the files for downloading, have been Gizmodo reporters who first happened upon the story, Vevo employees and representatives, and information security researchers.
Reporters from Gizmodo stated that the overwhelming majority of files were not sensitive or damaging to anyone in any way. Most of the files seemed to be harmless ones like music charts, pre-planned social media posts, and official documents regarding certain artist’s record label management. Only a tiny percentage of these were sensitive data.
While Vevo has addressed the security breach, they attributed it to a LinkedIn phishing scam and have not mentioned the interaction between one of its employees and the involved OurMine member.
Vevo did not confirm claims that OurMine demanded any ransom money for the files. Although many have speculated that Vevo may have given in to ransom demands considering how swiftly the files were removed. As of yet, OurMine has declined to comment.
Vevo is just another high-profile target that OurMine can add to its hacking list. According to BuzzFeed, this group is believed to operate out of Saudi Arabia. Up to date, OurMine has never really hacked and leaked files but have been more interested in targeting the social media accounts of celebrities, CEOs, and other high-profile persons of interest and institutions.
To date, OurMine defaced several websites including BuzzFeed, TechCrunch, WikiLeaks, and Variety. They successfully managed to hack Twitter accounts of the BBC and Play Station. People they have targeted included Mark Zuckerberg, Dick Costolo, Jack Dorsey, Sundar Pichai, Zack Klein, Ev Williams, Marissa Mayer, Jimmy Wales, Daniel Ek, and several celebrities including Channing Tatum, Calvin Harris, and many more.