GOT Finale Leak Lurking Around the Corner

HBO hackers - Mr Smith, reached out to Mashable late in the evening last week, revealing a data dump from the HBO leaks including “confidential plot summaries and outlines” that purportedly sum up the end of season 7. The data dump contains what they claim is the end of Season 7 of Game of Thrones.

The hackers further made a revelation that they sold over 5 TB of HBO’s data to three customers in the deep web market (an underground online market inside a hidden private internet) which opens up a huge possibility of the much anticipated season finale getting leaked before the scheduled date. Mashable decided not to leak the details of the finale. HBO chose to not comment on the matter.

The Mr Smith group said in an email to Mashable: “By the way, we officially inform you and other hundred of reporters whom emailing us that we sold ‘HBO IS FALLING’s entire collection (5 TB!!!) to 3 customer in deep web and we earned half of requested ransom," they also added. "We put a condition for our respected customers and they approved. We will leak many many waves of HBO’s internal stuff to punish them for playing us and set an example of greedy corporation."

The group had demanded $6.5 million in Bitcoin to stop the leaks, but HBO did not co-operate. The hackers now claim to have sold the data to deep web buyers and made over $3.2 million of it.

Ankush Johar, director of BugsBounty.com, said: “1.5 Terabytes is a huge amount of data. If the basic threat-intelligence and breach detection mechanisms, if in place, would have detected the leak and help mitigate the damage. This is a big lesson for HBO and others too.

“HBO allegedly offered $250,000 to the Mr Smith group to halt the leaks but the group managed to sell the data for over a million dollars each to 3 of the dark market buyers. This shows a clear discrepancy between the bounty a company is willing to pay for its security and the demand for the data in the community. A pre-emptive measure of having a bug bounty program with even a fraction of these rewards would have motivated the ethical hackers enough to report possible vulnerabilities and avoid this situation all together.”