How did HBO get hacked? A cyber security expert has two theories

game of thrones
Helen Sloan/HBO

Hackers recently absconded with 1.5 terabytes of data from HBO, and have since leaked unaired episodes of Ballers, Room 104, and Game of ThronesHBO says it has been looking into the hack since it was discovered, but few conclusive details are known. So Digital Trends sought answers; we asked a cybersecurity expert exactly how the HBO hack could have happened.

The answers aren’t pretty.

Roderick Jones is the founder of cybersecurity and privacy firm Rubica, and has been involved in cybersecurity for more than 15 years. Before he was helping Ashton Kutcher keep his data secure, he was a member of Scotland Yard’s Special Branch focusing on international counterterrorism. The cyberattacks he dealt with during his time on Special Branch are classified, but Jones does say he was involved with protecting a prominent British cabinet member.

hbo hack explained roderick jones cyber security expert

Roderick Jones

“The entertainment industry is probably five or six years behind where it needs to be,” Jones told us. He claims one movie studio had no cybersecurity before he helped out, following the massive Sony Pictures hack in 2014. The damage these hacks can cause are no joke — but the entertainment industry’s security is laughable.

Jones says hackers are usually in a system for months and believes the HBO situation may have followed the same pattern. Here’s how the biggest hack in HBO history probably happened.


Jones’s primary theory: The entire hack was possible because HBO uses old tech to house its content. “The Wannacry attack, the ransomware that kind of shut down the health service in Britain? That was targeted at an old Windows system,” Jones said. “That has created a vulnerability for HBO. I would say that’s probably a certainty, because that’s where the weaknesses are.”

“The entertainment industry is probably five or six years behind where it needs to be.”

Windows has been a gateway for hackers to enter the entertainment industry’s computer systems as of late. The malware used in the infamous 2014 hack of Sony Pictures targeted and manipulated Windows management tools.

And Netflix lost 10 episodes from Orange Is The New Black‘s fifth season this year because the episodes were on servers running Windows 7. Larson Studios, the post-production company that was hacked, claims the perps weren’t even looking for the show, just computers running Windows.

After the first four episodes of Game of Thrones’ fifth season leaked before the season premiere in 2015, HBO announced it would have critics stream advance episodes online, instead of the company sending DVDs. Stopping opportunistic TV critics is one thing, but preventing sophisticated hackers from entering your system is more complicated for entertainment companies.

hbo hack explained international bbanks and businesses in bucharest

“People think you can just flick a switch and say ‘oh, I’ll have cybersecurity.’ It just doesn’t work like that, because the machines they have running all of this content are going to be legacy systems. You just can’t do it overnight,” said Jones.

This is when things could get personal.

If it wasn’t Windows, it was this

Jones’s secondary theory is the hackers targeted individual employees. Even if HBO keeps all of its files and internal documents behind heavily encrypted security, it likely doesn’t extend that level of security to each individual employee.

The damage these hacks can cause are no joke, yet the entertainment industry’s security is laughable.

“If you’re a senior executive at one of these companies you probably have some security when you’re sitting in the office at the company. But not when you go home,” Jones asserted. “The hackers understand, ‘I’ll just wait for you to go home. Or I’ll wait until you get a cup of coffee from around the corner of the movie studio.'”

This method of attack could be the culprit; Variety reported hackers appear to have accessed the personal info of an HBO senior executive. Some of the information stolen may have given the hackers access to the executive’s work email, according to reports.

Jones said that very access could do HBO exponentially worse damage than leaked Game of Thrones episodes. “The financial damage is not through leaked episodes of Games of Thrones. It’s through details, emails between staff, all of the mechanics of the business.”

Trouble ahead

Verizon acquired Yahoo earlier this year for $350 million less than originally reported, following a disclosure by Yahoo that 32 million email accounts were hacked. AT&T agreed to acquire HBO parent company Time Warner for $85.4 billion in October 2016. With a Department of Justice investigation slowing the deal’s finalization, this hack could lead to AT&T lowering its offer or even potentially walking away from the deal. Entertainment deals are big business, in other words — and hacking is having a big effect on them.

Sony had 200 gigabytes of data stolen in 2014, and thousands of incriminating emails were released, including racially insensitive messages from Amy Pascal, co-chair of Sony Pictures Entertainment. Pascal resigned as head of Sony Pictures shortly after the emails became public. This time, hackers have obtained nearly six times as much data from HBO and are preparing to leak information every week.

If history repeats itself, HBO may never be the same again. Winter really is here.