Unidentified hackers have reportedly acquired a digital copy of the unreleased Disney film "Pirates Of The Caribbean: Dead Men Tell No Tales," and are demanding a large ransom to not release it.
Disney CEO Bob Iger did not confirm which movie the hackers have, but did tell ABC employees on May 15 that the hack did happen, multiple sources told The Hollywood Reporter.
Deadline notes the film is the fifth "Pirates" flick and is supposed to be released in theaters on May 26.
According to The Hollywood Reporter, Iger said the hackers want to be paid a large amount of money via Bitcoin. They're threatening to release five minutes of the movie, followed up with 20-minute clips until the ransom is paid.
Disney does not intend to pay the extortion, and is working with federal investigators.
Netflix was victimized by a similar hacker in late April. That hacker leaked 10 episodes of the upcoming season of "Orange Is The New Black" on The Pirate Bay after Netflix refused to pay up. The show officially launches on June 9; it's not clear what effect the early leaking will have.
Some major Hollywood talent agencies, including ICM, UTA and WME, have reportedly been hit by hackers and extortion demands in recent months.
Hector Monsegur, director of Security Assessments for Rhino Security Labs and a former computer hacker himself, told Deadline that "attribution is probably the hardest thing the FBI is dealing with here."
Monsegur, who was once a FBI informant, explained how hard it is to catch sophisticated hackers who use misdirection tactics:
It’s nearly impossible because you have various hackers from pretty much anywhere, Also, they are aware of techniques to track them down. So you could have an Egyptian hacker who uses Russian software so it looks like it’s Russian but is actually from Egypt.
All these companies like Disney, Netflix and Discovery may have very good security teams but you have all these vendors and small production companies which don’t have great security and probably don’t have the budget to focus on their own security so hackers get in pretty easily.
Remember back in the day when movies would leak online and they would go to a pirate bay? Now there has been a shift with the advent of ransomware so (these companies) are getting demands to pay for their own IP. Any studio is going to have a problem moving forward protecting their IPs.