Netflix Hacker Stole “Orange Is the New Black” Season from Vulnerable Windows PC

Share this…

Larson Studios paid $50,000 to the hacker group, but they decided to leak the season because of breach of contract.

Season 5 of Netflix’s “Orange in the New Black” TV show got leaked in April after hacker The Dark Overlord managed to break into the network operated by Larson Studios, and according to new information, it was all possible because of an insecure Windows 7 system.

In a statement for Variety, Larson Studios executives explain that the breach first took place on a Windows 7 system, claiming that their computers weren’t necessarily the target of the attack.

“They were basically just trolling around to see if they could find a computer that they could open,” said David Dondorf, Larson Studios chief engineer. “It wasn’t aimed at us.”

The hacker was paid $50,000

What’s more interesting, however, is that Larson Studios actually agreed to pay the hacker for not leaking the unreleased “Orange in the New Black” season, though all episodes ended up being published online despite the payment.

The Dark Overlord says that even though they received 50 Bitcoin, which was the equivalent of $50,000 at that point, they decided to leak the season online because the Hollywood-based studio contacted law enforcement.

The hacker typically forces victims to sign written agreements, and according to their own statements, the contract with Larson Studios involved not reaching out to the FBI to investigate the breach. So even though they received the money, hackers still leaked the full season because of the breach of contract.

“We found Larson Studios was in great delinquency of the agreement after sources confirmed law enforcement cooperation,” the hacker said. “Our agreement provides us the right to execute harmful action against any client who defrauds our agreement.”

It’s believed that The Dark Overlord could be in possession of other unreleased TV shows produced for CBS, NBC, and ABC, but at this point, it’s not yet clear if further leaks are possible or any other payments to prevent the content from reaching the web have been made.