EXCLUSIVE: Banijay, the world’s largest independent production company, has told staff that internal data was stolen after it was the victim of a cyber attack last week that could impact hundreds of current and former employees.
Deadline first revealed the hack on Monday and, in an email update last night, Banijay Rights CEO Cathy Payne told employees: “Unfortunately, we have now confirmed the attackers are in possession of some of our data following an online document share yesterday.”
Payne, who has been leading Banijay’s response to the incident, added that no personal data was contained in the document dump. Deadline understands it was a small handful of materials containing relatively mundane information. Payne warned, however, that the company “cannot rule out that more data and documents are in the possession of those responsible for the cyber attack.”
All3Media International, Banijay Rights, eOne, Fremantle, ITV Studios Combine To Formalize London Screenings
As we reported on Monday, there are fears that sensitive commercial and staff information could have been breached in the ransomware attack, including bank account details, home addresses, telephone numbers, and ID records. There are concerns that bank account details could be vulnerable if people received an expense payment outside of normal payroll.
Banijay has notified relevant authorities in the UK and Netherlands about the matter and is working with independent cybersecurity specialists as it tries to figure out how its technology was breached, who was affected, and what information has been exposed. It is also following guidance from the Information Commissioner’s Office in the UK.
Hackers targeted the systems of the Endemol Shine International network and part of the Endemol Shine Group network in Amsterdam. Banijay acquired Endemol Shine for $2.2B this summer and Payne is in charge of the group’s combined sales house, now known as Banijay Rights.
She has written to former employees this week, including some who left the Endemol Shine group years ago, to warn them that they may be caught up in the attack. In the email, seen by Deadline, Payne said: “We are sorry for any inconvenience or concern this incident may cause and we are continuing to investigate to understand better what data the hackers may have accessed.”
She called on former colleagues to remain vigilant and to keep an eye on their bank account for suspicious activity. “Please be assured we are doing all we can to rectify the matter quickly and safely and will continue to keep you updated as and when we have further findings from the investigation,” Payne added. A notice has also been published on Banijay’s website to help reach ex-employees Payne was unable to contact.
Meanwhile, current employees are being told not to engage with emails if they are not sure of the sender. They will also receive updated training on phishing. The hack has also created technical difficulties for staff who have been unable to access certain systems that were impacted by the attack, though it is understood that the majority of Banijay’s technology is now back online.
A Banijay spokeswoman said: “The pre-existing Endemol Shine Group network, which also comprises Endemol Shine International, has been targeted in a cyber-attack. We are currently investigating the matter and at this stage have no further comment.”
The hack is a spanner in the works as Banijay is going about the business of integrating Banijay and Endemol Shine teams across 200 business units in 22 territories. The company makes global entertainment hits including MasterChef and Big Brother, as well as dramas like Peaky Blinders and Young Wallander.