It's safe to say that last Christmas was completely ruined for Rick and Jill Larson of Larson Studios, a small, family-run, Hollywood-based audio post-production business for big-name television shows.
In an exclusive obtained by Variety, the Larsons detail exactly what went down on Christmas of 2016 and how a few mysterious texts led a group of hackers known as The Dark Overlord to release the entire season of Orange in the New Black a month before it's official Netflix release.
We've covered the high drama here before, so catch on up, but the Variety story is the first time that the Larsons have broken their silence about the incident. Here's what went down:
Two days before Christmas, both Larsons received a weird text from an unknown number, which the pair just ignored. On Christmas Eve, the couple both received another text from the same unknown number which read, "Why are you ignoring me, check your email for a message that will change your life."
Upon checking their email, the Larsons realized that a hacker group calling itself "The Dark Overlord" had made its way inside the company's servers and was threatening to leak Larson Studios' data.
"Once I was able to look at our server, my hands started shaking, and I almost threw up," said Larson Studios' director of digital systems Chris Unthank.
The hackers had stolen and deleted all of the studio's data and they wanted 50 Bitcoin, or approximately $50,000 to give it back. The Larsons had to promise not to tell anyone, and the hackers promised they wouldn't tell anyone. If the couple just paid up, the data would be returned and no one including the big studios who hired the Larsons would be the wiser.
Larson Studios called the FBI. But, as Variety explains, the feds weren't much help in dealing with a sinister hacker group demanding a ransom.
"It was an evolutionary process. The Dark Overlord had given us a very short window to respond. They were threatening us with actually releasing Orange Is the New Black before New Year's. So the feeling was that we needed to at least initially agree to cooperate and buy time," explained Jill Larson.
The Dark Overlord also provided proof of the content they held, which included titles from Netflix, ABC, CBS and Disney.
After studying The Dark Overlord's history, it appeared to the Larsons that once paid, the hackers kept their promise and either returned or deleted the stolen data. "It was Gorilla Glue before us, and a children's charity right after," Dondorf explained Variety of The Dark Overlord's previous targets.
"They would return the materials, destroy the materials, and it was over. This was the way they work," said Rick Larson.
Despite numerous advice against paying the hackers from their bank, the FBI, and a security expert who deals with these sorts of things, the Larsons decided to suck it up and send the money. Over the course of 19 transactions, Jill Larson paid off The Dark Overlord.
"We had a trust from our clients to protect their intellectual property, and the best way to do that with these people was to pay them," explained Rick Larson.
But once the Larsons paid, the FBI called to say that The Dark Lord had been blackmailing big studios with the data they'd stolen from the Larsons. Netflix refused to submit to the hackers' demands and with that, Season 5 of Orange is the New Black was released a month-and-a-half before it's scheduled launch.
The hackers sent the Larsons a final email, explaining that because the pair contacted the FBI, they hadn't followed The Dark Overlord's instructions and all bets were off. "They said they felt they owed us an explanation as to why they had done it," said Jill Larson.
The experience has been a life and company-changer for the Larsons, who obviously lost a lot of business not to mention 50 grand due to the hacking.
"We work closely with the studios. Some have just been very supportive," said Rick Larson.
Other studios weren't, and took their business elsewhere. But the (nice) studios helped the Larsons get rapidly educated on cyber-security and transform their once-hackable business into a secure one. As it turns out, the hackers got in because one of the Larson Studios' computers was using an old and very hackable version of Windows. "They were basically just trolling around to see if they could find a computer that they could open. It wasn't aimed at us," explained Dondorf.
"You've got people around here who've spent the last six months living, breathing and dying this whole situation. Lots of lost sleep, and boy, a lot of learning. We probably know way more than we ever wanted to know about this," said Rick Larson.
Related: Muni Hacker Hacked, Turns Out He's Extorted Ransoms From Multiple US Companies