Note to self: Never send an expletive-filled message to an experienced hacker group. Vevo found that out the hard way.
Vevo has confirmed that they’ve experienced a serious data breach. Hacker group OurMine has claimed responsibility for the hack.
Last month, the notorious group took responsibility for hijacking WikiLeaks’ DNS. Weeks earlier, they also took over HBO’s Twitter account. In addition, OurMine has claimed responsibility for hacking Mark Zuckerburg’s Twitter and Pinterest accounts.
Following the hack, OurMine published 3.12 TB of internal Vevo files online. They subsequently reached out to the Inquirer and Gizmodo to report the breach.
According to Gizmodo, the leaked files contain videos, office documents, and other promotional materials. They noted that some of the files contain mild information, including weekly music charts and upcoming social media content. However, the hacker group also published sensitive files, including Vevo UK’s alarm code.
OurMine usually hacks companies to reveal their weak security. However, this leak appears to be personally motivated.
On Thursday, the group claimed that they had first reached out to Vevo. This was done possibly in an attempt to alert them about their security. Yet, an unnamed employee told the hacker group to “f—k off,” prompting the group to publish the files online. The group said that they would take down the files if asked to do so.
In an email sent to Gizmodo, OurMine said,
“If they asked us to remove the files then we will.”
In a statement, a spokesperson for the company said earlier today,
“[The company] can confirm that Vevo experienced a data breach as a result of a phishing scam via Linkedin. We have addressed the issue and are investigating the extent of exposure.”
Vevo is a joint venture between Universal Music, Sony Music, Abu Dhabi Media, Warner Music Group, and Alphabet Inc.