Cybercriminals are continuously attempting new and innovative ways to defeat security measures and controls to pilfer sensitive data.
Recent attacks on entertainment companies
In November-end, the world’s largest independent production company, Banijay, had confirmed that its internal data was stolen in a cyberattack. Furthermore, it warned ex-employees that they may be affected.
- In the same month, hackers used an exposed database of 380 million records to launch credential stuffing attacks to gain access to Spotify accounts.
- A new CRAT strain, which is known for specifically targeting the entertainment industry, was being used in targeted attacks.
- In October, Commission Kings’ brands including BetOnline were temporarily suspended due to a cyberattack.
Additional threats and insights
In recent months, threat groups such as ShinyHunters have been frequently targeting several entertainment organizations and leaking their sensitive data.
- In the past few weeks, ShinyHunters hacker was seen selling 3.2 million Pluto TV user records and 5.22GB worth of a database belonging to Mashable.com.
- ShinyHunters can be often spotted targeting the online accounts and credentials and not the financial information such as credit card details.
- It is a manifestation of the fact that credentials and other personal details continue to be in great demand in the underground marketplaces.
Online accounts pertaining to digital entertainment are often misvalued and considered as low-risk elements. Howéver, that isn’t the case. Experts recommend using different passwords for different accounts and possibly using a password manager to keep track of various credentials.