The FBI charged a man with allegedly stealing a trove of data from HBO earlier this year containing personal financial information and passwords belonging to company employees, as well as unreleased television scripts and episodes.
In a complaint released Tuesday, the Department of Justice contends that Behzad Mesri, an Iranian national, compromised accounts tied to HBO employees in order to steal confidential and proprietary data belonging to the premium cable network. The document says Mesri was part of a hacking group called Turk Black Hat Security.
According to the complaint, among the confidential files taken were “unaired episodes of original HBO television programs, including episodes of “Ballers,” “Barry,” “Room 104,” “Curb Your Enthusiasm,” and “The Deuce;” scripts and plot summaries for unaired programming, including but not limited to episodes of “Game of Thrones;” confidential cast and crew contact lists; emails belonging to at least one HBO employee; financial documents; and online credentials for HBO social media accounts.”
After stealing data, Mesri — operating under the pseudonym “Skote Vahshat” — allegedly sent an anonymous email to HBO personnel stating “Hi to All losers! Yes it’s true! HBO is hacked! Beware of heart Attack!!!”
The email further stated that the sender had stolen approximately “1.5 terabytes of precious data.”
Mesri then allegedly demanded a ransom, the FBI said, asking for $6 million in bitcoin.
When the breach was made public in August, hackers posted leaked data to “winter-leaks.com” and promised offered rewards to reporters who wanted interviews: “You are lucky to be the first pioneers to witness and download the leak,” the hackers wrote. “Enjoy it & spread the words. Whoever spreads well, we will have an interview with him.”
At a press conference Tuesday, Joon Kim, acting U.S. attorney for the Southern District of New York, said law enforcement is unable to arrest Mesri unless he leaves Iran. However, Kim said that his office will seize an opportunity to do so if Mersi ever travels abroad.
“Mesri should know, and all other cybercriminals should know, they are not safe behind the anonymity of their computer screen, even if they are a world away,” Kim said. “If you hack our people, our companies, our institutions, we will work relentlessly creatively to identify you, and apply all the available tools to us to find you and charge you. At some point, and it may not be right away, we will arrest you and bring you to justice.”
William Sweeney, assistant director-in-charge of the FBI’s New York office, said the bureau has seen an increase in hacking-for-extortion cases across multiple industries and hopes that publicly released indictments impose a cost that eventually deters cybercriminals from carrying out similar crimes.
“Unhindered by national borders, perhaps sometimes emboldened by the thought they can hide behind them, cybercriminals are uniquely situated to win, while many of their targets are unwittingly set up to lose,” Sweeney said. “This needs to change.”
Kim issued a further warning to Mesri or anyone else aiming to commit a similar crime.
“American ingenuity and creativity is to be cultivated and celebrated, not hacked, stolen and held for ransom,” Kim said. “Hackers who test our resolve in protecting our intellectual property may think they are safe behind the anonymity of a screen and keyboard in a country far away. But even for them, winter will come.”
You can read the full indictment below.