Game of Thrones: Iranian Hacker Charged in HBO Data Breach

Game of Thrones Hacker Charged Season 7 HBO

An Iranian national who allegedly hacked into HBO servers and stole unreleased episodes of Game of Thrones has been charged in relation to the crime, the United States Attorney for the Southern District of New York’s office announced Tuesday.

Behzad Mesri is facing counts of wire fraud, computer fraud, aggravated identity theft and interstate transmission of an extortionate communication for stealing HBO’s proprietary data during a cyber incident and then allegedly trying to extort the premium cable channel for $6 million in bitcoin.

During a press conference in Manhattan, acting United States attorney Joon H. Kim detailed the timeline of Mesri’s alleged crimes. The hacker, who used the online name Skote Vahshat, “conducted his attack on HBO in a methodical way,” Kim said, adding that Mesri allegedly compromised multiple HBO employee accounts and used them to facilitate the transfer of what the hacker claims was 1.5 terrabytes of information to a server he controlled.

Included in the alleged cyber robbery: unaired episodes of ThronesBallersCurb Your Enthusiasm and Bill Hader’s upcoming series Barry, as well as scripts, plot summaries, emails, financial information and other documents. HBO received emails that indicated the information and episodes were being held for ransom, and that they would be released and/or destroyed if the cabler did not pay, Kim said, adding that HBO did not make payments.

In a statement, HBO said it “has confirmed in the past that we were working with law enforcement from the early stages of the cyber incident. As far as the criminal case is concerned, we prefer to leave any comments to the US Attorney’s Office.”

Kim also said that Mesri, who is not currently in U.S. custody, has a history of hacking on behalf of the Iranian military. The U.S. Attorney’s office released a photo of the alleged hacker, who is now on the Federal Bureau of Investigations’ Most Wanted list:

Season 7 was a trying one for Game of Thrones. In early August, in a move unrelated to the July data breach, Game of Thrones’ fourth episode was shared on Reddit via a Google Drive link that was eventually removed. The leak started at the series’ Indian distributor Star India; four people later were arrested for criminal breach of trust and computer-related offenses in connection with the leak. All four either work or worked for Prime Focus Technologies, a data-management vendor used by Star India.

Then, later in August, HBO Nordic in Spain accidentally released Episode 6 on-demand ahead of its airing. Though the installment was available for only an hour, some viewers ripped the video and then shared it online.

But the leaks didn’t have an adverse effect on viewership: Episode 4 pulled in an audience of 10.2 million, which briefly stood as the series’ most watched episode until Episode 5, “Eastwatch,” attracted 10.72 million viewers. The season finale, “The Dragon and the Wolf,” nabbed a series-high audience of 12.1 million viewers in its initial airing (a number that increased to 16.5 million after replays and streaming were accounted for).