A multibillion-dollar TV production company has become the latest big corporate name caught out by ransomware, it emerged late last week.
French multinational firm Banijay SAS owns over 120 production firms around the world, delivering TV shows ranging from MasterChef and Big Brother to Black Mirror and The Island with Bear Grylls.
In a short update last Thursday, it claimed to be managing a “cyber-incident” affecting the networks of Endemol Shine Group and Endemol Shine International, Dutch firms it acquired in a $2.2bn deal in July.
Although ransomware isn’t named in the notice, previous reports suggest the firm is being extorted.
It admitted that data may have been taken, in what would be a classic “double extortion” attack.
“The business has reason to believe certain personal data of current and ex-employees may have been compromised, as well as commercially sensitive information,” it said.
“We are continuing to take the appropriate steps and remain committed to protecting our employees, past and present, so if we do identify any cases of data being taken or misused, we will contact the affected individuals directly.”
In the meantime, the firm said it is investigating the attack with “independent specialists” and has notified the relevant authorities in the Netherlands and the UK: the two countries affected by the incident.
Banijay would do well not to engage with the extortionists. A recent Coveware report warned that “paying a threat actor not to leak stolen data provides almost no benefit to the victim.”
The vendor claimed that several ransomware groups still publicly dox companies even after payment, while others may demand a second payment to remove any data they may have stolen.
Victim organizations should in any case assume that it has been or will be either sold to other threat actors or used in a future extortion attempt, Coveware claimed.