If you were patiently waiting to revisit the inhabitants of Litchfield Penitentiary earlier this year, then it must have been a shock when 10 of the 13 episodes from the fifth season of the Netflix show Orange is the New Black were leaked online in April. According to the company that was hacked in order for the episodes to be liberated, the hack happened because it had a computer running Microsoft Windows 7.
Hacking group The Dark Overlord has claimed responsibility for leaking the new season more than a month before its scheduled release on Netflix. It breached the security of post-production company Larson Studios which worked on the new season. In an interview with Variety, it was revealed that Larson Studios’ security was breached because The Dark Overlord group was looking for computers running older versions of Windows, such as Windows 7, not perusing the internet to get the latest on Piper Chapman’s fictional life.
“They were basically just trolling around to see if they could find a computer that they could open,” said David Dondorf, Larson Studios chief engineer. “It wasn’t aimed at us.” The hackers stole and deleted all of the data on the company’s servers from numerous Hollywood studios that worked with Larson. The company first checked the servers and discovered the hack on Christmas Day 2016 after the company’s president, Rick Larson, and his wife, Jill, received an email from The Dark Overload threatening to leak everything it had from the company.
Larson Studios is working to make sure this never happens again by spending six figures to ramp up its security efforts. Some of those efforts involve keeping audio and video files separate, encrypting all data, and locking down all computers at Larson Studios. Larson claimed “a lot of what went on was ignorance,” in regard to Larson’s security efforts prior to the Orange is the New Black leak.
Windows 7 was released in 2009 and has been a hacker’s paradise as of late. Last year, Adobe systems running Windows 7 were among those targeted by hackers exploiting a vulnerability in its Flash player. Earlier this year, Microsoft stopped giving security updates to computers with the latest Intel or AMD processors running Windows 7.
