The hacking group OurMine has been breaking into company networks and social accounts for years, usually inflicting more embarrassment than outright damage — but when they gained access to Vevo servers last night, the company somehow managed to provoke something worse.
According to a screenshot posted by OurMine, the group contacted a Vevo representative at 6:10PM with news of the compromise, only to be met with profanity and disbelief.
In response, OurMine posted 3.1 terabytes of data from Vevo’s servers, a leak first reported by Gizmodo. Browsable from OurMine’s site, the data included Vevo’s private dossiers on 90 different artists, including Taylor Swift, Ariana Grande, One Direction and U2. Other documents included social-media strategy memos and instructions for disabling the office’s alarm system.
Despited the public airing, OurMine insisted they would delete the data if contacted by a Vevo representative — and they seem to have kept their word. This morning, the data abruptly disappeared from the site. A new message on explained, “we deleted the files because of a request from VEVO.” Attempts to access the data redirected to a Vevo-branded Box login page.
OurMine didn’t explain how they’d gained access to the data, but in a statement to Variety, Vevo attributed the compromise to “a phishing attack through LinkedIn.”
Vevo joins a long string of companies compromised by OurMine, which typically uses high-profile targets to drum up interest in legitimate security products. Last month, the group compromised both the WikiLeaks website and various HBO-linked social media accounts. Previous targets include Mark Zuckerberg, Sundar Pichai and Jack Dorsey.