Several news outlets are reporting a leaked email from HBO that discusses ransom terms for information that was hacked from their servers. The initial breach on July 31st saw hackers take 1.5TB of information supposedly including scripts, episode descriptions, and marketing material, specifically targeting Game of Thrones. Certain individuals also had their emails stolen.
The email from a senior vice president of HBO, dated July 27, shows the network offered to make a ‘bug bounty payment’ of $250,000. ‘Bug bounty’ is essentially a term for paying hackers to expose and demonstrate security problems in companies’ cyber-security.
According to Variety and the Guardian, the email read ‘you have the advantage of having surprised us. In the spirit of professional cooperation, we are asking you to extend your deadline for one week’. Negotiation seemingly continued, with the introduction of monetary ‘good faith, saying ‘as a show of good faith on our side, we are willing to commit to making a bug bounty payment of $250,000 to you as soon as we can establish the necessary account and acquire Bitcoin’.
Offering a ‘bug bounty’ is an interesting development, as it raises the question of whether HBO will, in fact, pay the ‘six months salary’ ransom request made by the hacker previously; an amount that would total between $6 million and $7.5 million. This may result in a dangerous precedent being set, encouraging more people to hack big companies like HBO with the possibility for millions of (or hundreds of thousands at least) dollars to be coerced.
However, it’s worth noting at this point that the authenticity of the email is sketchy, as there is no way of knowing if it has been altered or even fabricated. Some outlets report the email was sent from the same account used to leak stolen data previously, therefore reliable enough to release at this time.