While the West may still be reeling under the after-effects of the cybersecurity breach at the credit monitoring firm Equifax, here comes news about yet another security breach at music-streaming service Vevo, leading to release of over 3 terabytes of internal documents and video content online, before being removed later at Vevo’s request.
The self-described White Hat collective OurMine took responsibility for the hack. According to the hacking group, they did try to contact Vevo with the news of the breach, only to be met with profanity and disbelief, which made them post 3.1 terabytes of data from Vevo’s servers, a leak first reported by Gizmodo.
The online music video service, a joint venture between music giants Universal Music Group, Sony Music Entertainment and Warner Music Group confirmed the breach, calling it the result of a phishing scam via LinkedIn. "We have addressed the issue and are investigating the extent of exposure," a Vevo representative told Variety.
Vevo offers 250,000 official music videos that draw 21 billion views a month globally on its popular YouTube channel and its own site and app.
Vevo is the latest victim of OurMine, which typically uses high-profile targets to drum up interest in legitimate security products. Last month, the group compromised both the WikiLeaks website and various HBO-linked social media accounts. Previous targets include Mark Zuckerberg, Sundar Pichai, Niantic's CEO, and Jack Dorsey.