On Monday, July 31, news broke that HBO had experienced a major cyberattack. As first reported by Entertainment Weekly, the hackers who executed the attack claimed to have acquired 1.5 terabytes of data from the network — allegedly including scripts and other content for the network’s marquee series, Game of Thrones.
The hackers made it one of their first orders of business to release unaired episodes of Ballers and Room 104 online. But they didn’t stop there, sending a cryptic and oddly worded email several to different members of the media that, per EW, read:
Hi to all mankind. The greatest leak of cyber space era is happening. What’s its name? Oh I forget to tell. Its HBO and Game of Thrones……!!!!!! You are lucky to be the first pioneers to witness and download the leak. Enjoy it & spread the words. Whoever spreads well, we will have an interview with him. HBO is falling.
An alleged outline for the upcoming fourth episode of Game of Thrones’ seventh season began to circulate online shortly thereafter.
The hackers have yet to release anything as explosive as the initial leak, but they have promised that more content from the hack will be released periodically over the next few weeks.
What we know about the HBO hack so far
- HBO has confirmed that a cyberattack took place, both to news outlets and in internal statements. “The problem before us is unfortunately all too familiar in the world we now find ourselves a part of,” HBO Chair and CEO Richard Plepler wrote in an email to employees that was obtained by EW.
- According to the Hollywood Reporter, the FBI is investigating the incident, as is the cyber security firm Mandiant, which was also involved in investigating the 2014 Sony hacks.
- If the hackers’ claim of stealing 1.5 terabytes of raw data is accurate, the HBO hack is roughly seven times larger than the 2014 Sony hack, which involved roughly 200 gigabytes of data.
- Beyond the already released programming and Game of Thrones episode outline, it’s unclear exactly what else the hackers might have. One major concern is how much of the data might go beyond HBO programming to include company financial documents, employee emails, or the personal information of employees and customers. Emails were a major source of controversy in the Sony hack, as messages were made public that exposed the pay gap between Jennifer Lawrence and her male co-stars in American Hustle, the movie Concussion being edited to save face with the NFL, and employees making racially charged jokes about President Barack Obama. Sony co-chair Amy Pascal ultimately stepped down following the leaks.
- According to Variety, an internet security company called IP Echelon has been tasked with scrubbing internet search results for the hacked files. The company reportedly sent a DMCA takedown notice to Google on Tuesday, August 1, to force the search engine to remove any links to leaked HBO files, which it said included “thousands of Home Box Office (HBO) internal company documents” and “masses of copyrighted items including documents, images, videos and sound.”
- HBO has told its staff that the company’s email system likely has not been compromised. On Wednesday, August 2, Plepler sent a memo to employees that stated “we do not believe that our e-mail system as a whole has been compromised, but the forensic review is ongoing.”
- On Thursday, August 3, someone going by the name of “Kind Mr. Smith,” who claims to have been involved the attack, sent an email to an unknown list of recipients that included the Hollywood Reporter. "HBO (specially Poor Richard) is Bluffing. We have 'STILL' full access to their webmails....," the email said, apparently commenting on Plepler’s email to HBO employees. The email also claimed that “Kind Mr. Smith” had “weeks” of negotiations with HBO regarding the stolen information. “They broke their promises and want to play with us,” the email says. It is unconfirmed as to whether the sender was indeed involved in the hack, but some have noted that the email is written in the same caustic tone as the original message sent to select press, which feels like something out of an early 2000s hacker film.
- Fitting with the hacker flick narrative, in that same email, “Kind Mr. Smith” promised to release more content from the hack on Sunday, August 6 — though nothing ultimately materialized. That evening, the Hollywood Reporter received a new email from the “Kind Mr. Smith” account, claiming that no new content was being released because "Some of HBO's top competitors are negotiating with us for buying the dump” — a tough claim to believe, given that it would be an incredibly dubious and risky move for a rival network. “It's highly unlikely that any of HBO's network rivals in the US would purchase stolen content or other information obtained by a security breach,” the Hollywood Reporter noted. It remains unconfirmed as to whether “Kind Mr. Smith” was actually involved in the hack.
- On Monday, August 7, “a publicly accessible link to a cache of internal documents” from the hack was posted online, according to the Hollywood Reporter. The cache reportedly includes emails from one of HBO’s top executives — the first evidence that HBO’s corporate email system may have been breached — along with several internal documents (including one labeled “Script GOT7”). In a statement, HBO said, “While it has been reported that a number of emails have been made public, the review to date has not given us a reason to believe that our e-mail system as a whole has been compromised."
- Information surrounding the hackers’ motive and whether they’re asking for ransom has remained blurry and influx. The Hollywood Reporter reported on August 7 that the hackers sent a video letter directed to Plepler demanding money. But this may be a more recent development, as the site had previously stated that according to its sources, there was no ransom demand.
- The most recent episode of Game of Thrones’ seventh season, which officially aired Sunday night, did leak online two days before its debut. However, the leak was not connected to the hack, and instead involves HBO’s distribution partner, Star India.
What we don’t know
- Exactly what was included in the 1.5 terabytes of stolen data that the hackers claim to have acquired, beyond what has already been posted online.
- The identities of the hacker(s).
- Whether the person who has emailed reporters under the name “Kind Mr. Smith” was actually involved in the hack.
- How much ransom money the hackers may be seeking from HBO.