Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Hub Image

IOTW: Nickelodeon allegedly suffers 500GB data leak

The suspected leak contains 500GB of data including details of unreleased shows

Add bookmark
Olivia Powell
Olivia Powell
07/07/2023
Nickelodeon allegedly suffers 500GB data leak

American television company Nickelodeon has suffered an alleged data leak of 500GB of proprietary information.

News of the leak was shared by a Twitter user who uses the screen name GhostyTongue. On June 29, the Twitter user shared a video showing a number of files allegedly belonging to Nickelodeon that had been stolen and distributed, including details of unreleased shows and scripts.

The data leak was apparently caused by an authentication vulnerability within Nickelodeon’s consumer products and experience portal, which allowed unauthorized access to confidential content within Nickelodeon’s animation department. The software vulnerability that led to the cyber attack was allegedly patched two months later.

The data theft allegedly took place in January 2023, with the information initially being shared on Discord. Two Discord users, who use the screen names BowDown and IncidentalSeventy, were linked to the cyber attack by GhostyTongue, who claimed that they “have been taken down by the Feds [sic]” and are “going to court soon”. 

Nickelodeon has reportedly taken action against the data leak, filing Digital Millennium Copyright Act (DMCA) takedowns to get the data taken offline.

Ghosty Tongue later added to the claims on July 2, adding that a private discord server had shared a download URL to a new set of information stolen from Nickelodeon, potentially during the first cyber attack. The data stolen allegedly includes the source code for all Nickelodeon flash games.  

People took to other social media sites to discuss the leak, with one user of the social media site 4chan claiming that Nickelodeon’s internal systems had been compromised for more than a year. The user alleged that private online communities have been sharing data amounting to 500GB, including animation files, photoshop documents and scripts.  

These claims match with the allegations and clip shared by GhostyTongue on Twitter, however, the cyber attack and subsequent data leak has not yet been confirmed by Nickelodeon.

Television companies can be an attractive target for hackers, as the information they carry is valuable to a number of people, not just malicious actors.

What happened when HBO got hacked?

In July 2017, cable television company HBO was the victim of a cyber attack which saw the malicious actors steal thousands of documents. In total, an estimated 1.5TB of data was stolen during the cyber attack.

The information stolen, and later leaked, included scripts for upcoming episodes of popular fantasy series Game of Thrones. The cyber attack was described by chairman of HBO, Richard Piepler, as “disruptive, unsettling, and disturbing”.

In a statement about the breach, HBO said it “immediately began investigating the incident” and started working with law enforcement and external cybersecurity firms regarding the data breach. 

The hacker responsible for the attack sent a message to news organizations about the breach, which read: “Hi to all mankind. The greatest leak of cyber space era is happening. What’s its name? Oh I forget to tell. Its HBO and Game of Thrones……!!!!!! [sic] You are lucky to be the first pioneers to witness and download the leak. Enjoy it and spread the words. Whoever spreads well, we will have an interview with him. HBO is falling.” 

An Iranian hacker named Behzad Mesri, who used the alias ‘Skote Vahshat’ was later arrested, indicted and charged with a number of offences relating to the crime. These included extortion, computer fraud, identity theft and wire fraud.

Mesri remains wanted by the FBI, as it was recognized by US officials that it would be difficult to detain him as he lives in Iran. 

Tags: cyber attack cyber security news cyber security

More From Incident of the Week

IOTW: Victoria Court recordings exposed in suspected ransomware attack

Unauthorized access disrupted audio visual in-court technology network impacting video recordings, a...

2024-01-05 by Michael Hill
IOTW: Xfinity data breach impacts 35 million customers

Exposed data includes usernames, hashed passwords and social security numbers

2023-12-22 by Michael Hill
IOTW: Russia-linked cyber attack targets Ukraine’s biggest phone operator

Powerful attack knocked out internet access and mobile communications, damaging IT infrastructure

2023-12-15 by Michael Hill
IOTW: HTC confirms cyber attack as BlackCat ransomware gang teases stolen data

BlackCat/ALPHV ransomware group leaked photos of what appears to be stolen passports, contact lists,...

2023-12-08 by Michael Hill
IOTW: Okta data breach affects all customer support users

Hackers stole information on all users of Okta’s customer support system

2023-12-01 by Michael Hill
Go To Hub

RECOMMENDED

FIND CONTENT BY TYPE

Cyber Security Hub COMMUNITY

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Learn more
iqpc logo

Cyber Security Hub, a division of IQPC

© 2024 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC| Contact Us | About Us | Cookie Policy