Vevo, the popular online music video hosting website, was famously attacked, but the Vevo data breach was reportedly never intended to be anything other than “friendly.”
The perpetrators of the Vevo data breach, OurMine, is a hacking collective that is best known for defacing websites and taking over high-profile social media accounts. But when OurMine attacked the Vevo servers, they say they intended only to warn the music video hosting giant of potential vulnerabilities in their online systems.
The Vevo data breach saw OurMine gather more than 3 TB of data from the music video company in what was called a “white hat hack,” intended solely to identify Vevo’s system vulnerabilities.
If the Vevo data breach was supposed to be little more than a “friendly” white hat exploration into the company’s security vulnerabilities, unlike, for example, a retail data breach, why then did scores of confidential information and sensitive company data end up being posted online?
Because a Vevo employee was “disrespectful” to the hacking collective. A member of OurMine reportedly contacted a Vevo employee – whose name has not been released – via LinkedIn, and the conversation did not go down as the OurMine member had hoped.
The Vevo employee reportedly “dismissed” the OurMine hacker’s claims that the group had mined the company’s sensitive data, and asserted that they “don’t have anything.”
Scorned, OurMine retaliated by publishing everything that they had.
While the majority of the documents published were “mundane,” others contained confidential company information – including the alarm code for the company’s physical premises in the United Kingdom, along with instructions on how to activate and deactivate the security system.
The files were hosted online until Vevo officially requested that they be removed.