United Talent Agency Suffers Malware Attack, Rumored Ransom

Media Division | April 13, 2017

Various types of information in regard to the entertainment industry has been targeted over the years by cyber attackers.  One of the most well-known incidents was the famed “Celebgate,” in which hackers stole personal and sensitive pictures of celebrities, and leaked them onto the web. Of course, pictures are not the only type of digital target for attackers.  In yet another entertainment industry related attack, the United Talent Agency (UTA) was hit by malware on Monday which caused heavy disruption of their systems.

Systems Affected in the Attack

UTA is an extremely large talent agency, with offices nationwide, and representing stars such as Chris Pratt, Gwyneth Paltrow, and Angelina Jolie.  According to reports, the attack had affected their Beverly Hills headquarters and resulted in the shutdown of their email, network communications, and file access systems.  Employees were then instructed to operate using their personal devices, as opposed to the company network. According to a UTA spokesperson, “On Monday, UTA was the subject of a malware incident — an unfortunate yet common reality of our digital world that can take place regardless of the strong safeguards a company has in place. Most importantly, we have no reason to believe any private information about the agency, its employees, or its clients has, in any way, been compromised.” It is fortunate that UTA is stating that no information of the agency’s employees or clients was affected, as they likely hold highly sensitive data of both.  UTA has stated that their Nashville, New York, and London locations were not affected by the incident.

As a further effect of the attack, inEntertainment, a meeting scheduling and production monitoring software company had removed UTA’s access temporarily.  inEntertainment is used widely across the industry, and this suspension of UTA had resulted in slowed and disrupted operations for those who rely on coordination with UTA.  Though, inEntertainment has stated that the attack did not affect any of their own systems and that the service outage was specific to UTA, with no other customers experiencing service interruptions.

Conflicting Reports of the Attack

Reports and comments upon the incident have been quite conflicting.  According to some reports, an insider at UTA had said that a ransom of $25,000, or about 20 bitcoin, was being demanded, but a UTA executive had refuted these claims.  There have also been conflicting reports as to the impact upon the email system, as some had stated that they were shut down, whereas a statement from UTA had said they remained accessible. There have also been debates as to whether the attack was deliberately targeted at UTA or not. It may simply be that UTA wants the knowledge of the impact and extent of the attack to remain an internal issue, though this is purely speculation.

Mitigating an Attack with Cyber Investigation Services

Cyber attacks can cause a wide array of damage, and they are unfortunately more common than ever in this day and age.  The malicious purposes of cyber attackers can vary widely, as they could be targeting personal or sensitive information, or working to gain illicit funds.  Whatever the case may be, it is important for an organization to properly address an attack, which is where cyber investigation services come in.  While there are many steps that need to be taken in the event of an attack, a primary one is a thorough investigation of the incident, including tracing the source where possible.  This allows the organization to take further action against the perpetrators of the attack.  Massive Alliance offers comprehensive cyber investigation services, including thorough forensics to assist an organization in remediating a cyber attack.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.