The Walking Dead creator allegedly leaked celebrity data

Skybound Entertainment, the company behind The Walking Dead series, allegedly suffered a data breach with attackers selling sensitive data of users and employees on a criminal forum.

Unknown attackers posted an ad on an underground criminal marketplace, allegedly selling data stolen from Skybound Entertainment, a US-based multiplatform company best known for creating The Walking Dead comic book series.

We reached out to Skybound Entertainment for comment but haven’t received a response before going to press.

The attackers claim the database-for-sale contains data on every user on the Skybound.com website, including their first and last names, phone numbers, email, and home addresses. The leaked customer pool comprises around 200,000 users.

The supposed leak includes emails and passwords of Skybound employees, which, according to the attackers, includes data on celebrities. Skybound Entertainment was established by Robert Kirkman and David Alpert. Recently, Kirkman worked on the comedy horror film Renfield, starring Nicolas Cage and Nicholas Hoult.

The database is said to include information on customer payments. A data sample of a payment that attackers included in the ad, reviewed by the Cybernews research team, displays complete customer information such as a delivery address, shipping method, goods purchased, and last four digits of the payment card.

While the attackers claim they have access to data on 200,000 payments, the sample includes only one. This means that they could be bluffing, having accessed few payments.

The attackers, who only registered on the underground forum on May 8th, say they also stole Skybound’s source code. Source code leaks pose severe security issues to companies as threat actors can glimpse the company’s intellectual property and system data. Revealing source code can allow attackers to craft targeted security exploits.

According to the team, Skybound seems to have noticed a leaky database, which was likely closed around April 7th, 2023. It’s not entirely clear how the attackers accessed Skybound’s seller’s page, but one way they might’ve done it is by granting themselves admin rights while they still had access to Skybounds servers.

While threat actors allege selling a trove of sensitive personal data, the asking price for the dataset is unusually low. The pricing could point to inexperienced attackers or signal the data included could be considered ‘low quality’ in the cybercriminal underworld.

While the never-ending stream of data breaches can cause fatigue, the dangers of losing one’s own persist. For example, cybercriminals can use personal information to commit fraud: from identity theft and phishing attacks to opening new credit accounts, making unauthorized purchases, or obtaining loans under false pretenses.

Experts warn that even seemingly insignificant pieces of leaked personal information can be collated to have a devastating impact. Victims whose data has been leaked often don’t realize they have been compromised and therefore take no action to mitigate the outcome.