In another skirmish in the ongoing cyberwars, one of Hollywood's leading talent management agencies is the victim of a computer virus which has brought it's internal network operations to a near-standstill. The United Talent Agency, with offices worldwide, was struck Monday, causing email, file access, and network communications in their Beverly Hills headquarters to shut down. Staff have been told to switch to using personal devices to communicate and try to work as best they can, while avoid the company's internal network.
A UTA spokesman told TheWrap that:
On Monday, UTA was the subject of a malware incident — an unfortunate yet common reality of our digital world that can take place regardless of the strong safeguards a company has in place. Most importantly, we have no reason to believe any private information about the agency, its employees, or its clients has, in any way, been compromised.
He also added that:
In the interim, every member of our team continues to have access to their email and phones, and the situation is being resolved.
The statement that email was accessible, while earlier reports suggesting that they were impacted were contradictory. inEntertainment, an entertainment industry production and meetings scheduling service has temporarily suspended UTA's access (likely to prevent any uploads of infected files to their system). This had a cascading impact on other firms who relied on their ability to coordinate with UTA.
One UTA insider is reporting that a ransom of 25,000 bitcoins had been demanded (a value of approximately $30 million) by hackers to suspend the impact of the viral attack. A UTA executive denied that there had in fact been a ransom demand, but was aware of the rumor of a demand but that they had heard it was a total value of $25,000 (approximately 20 bitcoins). If the ransom rumor were true, that latter amount would be more in line with contemporary hijacking demands.
While they may be able to successfully deworm their network without paying anyone off, the odds of their insider data truly having remained secure throughout the breach is slim. The value of the files and contact information available would be too rich of a target not to have had copies sent back off-network.
If this turns out to be a legitimate targeted attack rather than one user's accidentally triggering a standard but rather virulent malware virus, it will be the largest entertainment industry breach since Sony's hack back in 2014. That hack had contained candid email conversations which resulted in Sony Co-Chairman Amy Pascal's stepping down.