Internet leak

An internet leak is the unauthorized release of information over the internet. Various types of information and data can be, and have been, "leaked" to the Internet, the most common being personal information, computer software and source code, and artistic works such as books or albums. For example, a musical album is leaked if it has been made available to the public on the Internet before its official release date.

Music leak

A music leak is an unauthorized release of music over the internet. Songs or albums may leak days or months before their scheduled release date. In other cases, the leaked material may be demos or scrapped work never intended for public release. Leaks often originate from hackers who gain unauthorized access to the online storage of an artist, label, producer, or journalist.

Source code leaks

Source code leaks are usually caused by misconfiguration of software like CVS or FTP which allow people to get source files through exploits, software bugs, or employees that have access to the sources or part of them revealing the code in order to harm the company.

There were many cases of source code leaks in the history of software development.

  • As Fraunhofer IIS released in 1994 only a low quality version of their MP3 encoding software (l3enc), a hacker named SoloH gathered the source code from the unprotected servers of the University of Erlangen and developed a higher quality version, which started the MP3 revolution on the internet.
  • Around 1996 Electronic Arts accidentally put the source code of the video game FIFA 97 on a demo disc.
  • In 2003, Axel Gembe, a German hacker, who had infiltrated Valve's internal network months earlier, exploited a security hole in Microsoft's Outlook to get the complete source of the video game Half-Life 2. The source code was leaked online a week later, a playable version of Half-Life 2 was compiled from the source code, revealing how unfinished it was. The leaks damaged morale at Valve and slowed development. In March 2004, Gembe contacted Gabe Newell, CEO of Valve, and identified himself, saying he was a fan and had not acted maliciously. Newell worked with the FBI to invite Gembe to a fake job interview, planning to have him arrested in the USA; however, police arrested him in Germany. The complete source was soon available in various file sharing networks.
  • Also in 2003, source code to Diebold Election Systems Inc. voting machines was leaked. Researchers at Johns Hopkins University and Rice University published a critique of Diebold's products, based on an analysis of the software. They found, for example, that it would be easy to program a counterfeit voting card to work with the machines and then use it to cast multiple votes inside the voting booth.
  • In 2003 a Chinese hacker acquired the source code for Lineage II and sold it to someone in California who then used it to create a bootleg version of the game, powered by his own servers. Despite warnings from NCSoft that pirating an online game was considered illegal, he continued doing so for a few years, until the Federal Bureau of Investigation finally raided his home in 2007, seized the servers and permanently disabled the website that fronted his bootleg version of Lineage II.
  • In 2003, one year after 3dfx was bought by Nvidia and support ended, the source code for their drivers leaked, resulting in fan-made, updated drivers.
  • In 2004, a large portion of Windows NT 4.0's source code and a small percentage (reportedly about 15%) of Windows 2000's were leaked online. The Windows 2000 source code leak was analysed by a writer for (now defunct) website Kuro5hin who noted that while the code was generally well written, it allegedly contained about "a dozen" instances of profanity and the milder euphemism "crap". The writer also noted that there were a lot of code hacks, with the "uglier" ones mostly being for compatibility with older programs and some hardware. It was feared that because of the leak, the number of security exploits would increase due to wider scrutiny of the source code. It was later discovered that the source of the leak originated from Mainsoft.
  • Also in 2004, partial (800 MB) proprietary source code that drives Cisco Systems' networking hardware was made available in the internet. The site posted two files of source code written in the C programming language, which apparently enables some next-generation IPv6 functionality. News of the latest source code leak appeared on a Russian security site.
  • In 2006, Anonymous hackers stole source code (about 1 GiB) for Symantec's pcAnywhere from the company's network. While confirmed in January 2012, it is still unclear how the hackers accessed the network.
  • In late 2007, the source code of Norton Ghost 12 and a Norton Anti-Spyware version were available via BitTorrent.
  • In December 2007 and January 8, a Pirate Bay user published the sources of five Idera SQL products via BitTorrent.
  • In January 2011 the "stolen source code" of Kaspersky Anti-Virus 2008 was published on the Pirate Bay.
  • On May 20, 2011, EVE Online's source code was published by someone on a GitHub repository. After being online for four days, CCP Games issued a DMCA take-down request which was followed by GitHub.
  • In 2011, the source code of GunZ: The Duel v1.5 became available online.
  • In December 2011, the source code of the Solaris 11 operating system's kernel was leaked via BitTorrent.
  • In August 2014 S.T.A.L.K.E.R.: Clear Sky's X-Ray Engine source code (and its successor) became available on GitHub under a non-open-source license.
  • On December 29, 2015, the AmigaOS 3.1 source code leaked to the web, confirmed by the rights holder Hyperion Entertainment.
  • In January 2017 the source code of Opera's Presto Browser engine was leaked to GitHub. The source code was shortly after taken down with a DMCA notice.
  • In June 2017 a small part of Microsoft's Windows 10 source code leaked to the public. The leak was of the Shared Source Kit, a small portion of the source code given to OEMs to help with writing drivers.
  • In February 2018, the iBoot bootloader for Apple operating systems' source code was leaked onto GitHub by an Apple engineer. The code was from 2016, and by the time it was leaked, iBoot had been restructured, making it obsolete.
  • On April 22, 2020, Counter-Strike: Global Offensive and Team Fortress 2 code was leaked.
  • Some time during March 2018, Nintendo suffered a significant leak when a hacker obtained an alleged 2 TB of confidential material containing source codes to game consoles, games, and internal documentation. Starting in 2018, the contents of this breach slowly made their way onto the Internet, starting with iQue Player ROMs and various Pokémon games. Later in 2020, the leaks gained more attention and grew in size, culminating into the release of Wii and Nintendo 64 source code, and the so-called "Gigaleak", a massive release containing multiple N64 games' source code and SNES Prototypes. After July 2021, no more releases have occurred.
  • On August 7, 2020, 20 GB of Intellectual property of Intel, including source code (in SystemVerilog and otherwise) of their system on chips leaked (with preserving git structure). That included Intel ME, Intel Microcode and software simulators of their hardware. Their various BIOS source code was also leaked. The SpaceX cameras firmware that Intel worked on also leaked. The data is being distributed through a torrent.
  • On September 23, 2020, Windows XP SP1 and Windows Server 2003 complete source code depots were leaked. The archives included all the source code from the time it was used at Microsoft, including documentation and build tools. The leak was first dismissed as illegitimate, but it was soon clear that it was legitimate, the source code contained Windows XP specific code and resources, later one user managed to compile the OS and pack it into an ISO image.
  • On January 4, 2021, Nissan North America source code was leaked online due to misconfiguration of a company Git server, which was left exposed online with a default username and password of admin/admin. Software engineer maia arson crimew learned of the leak and analyzed the data, which they shared with ZDNet. The repository reportedly contained Nissan NA mobile apps, parts of the Nissan ASIST diagnostics tool, Nissan's internal core mobile library, Dealer Business Systems and Dealer Portal, client acquisition and retention tools, market research tools and data, vehicle logistics portal, vehicle connected services, and various other back ends and internal tools, they reported.
  • On February 10, 2021, Cyberpunk 2077 and Witcher 3 developer CD Projekt Red (CDPR) announced hackers had targeted the company and attempted to hold it to ransom. On 6 June 2021, someone in possession of the data had leaked all of Cyberpunk 2077 code (96.02 GB of data in 7z archive) online publicly, while previously it was only available in encrypted form.
  • On October 6, 2021, streaming site Twitch had its source code along with earnings reports of top streamers leaked by hackers on 4chan, citing the streaming site's negative community and desire for competition and disruption of the online video streaming space. The breach was confirmed by Twitch on Twitter. The leak was distributed freely via a torrent file and was 135.17 GB in size. As a precaution, all the stream keys have been reset by Twitch.
  • On February 25, 2022, ransomware group LAPSUS$ hacked NVIDIA and reportedly obtained 1 terabyte of proprietary information. The group subsequently released a ~20 GB archive containing the source code for NVIDIA GPU drivers among other things. Details for a Nintendo Switch successor were also found among the data. It was also reported recently that the group also infiltrated Portuguese media conglomerate Impresa, the Ministry of Health in Brazil and Brazilian telecommunications company Claro.
  • On September 18, 2022, Grand Theft Auto VI had a massive leak online, with 90 videos of the game being released. It was confirmed by a worker at Rockstar Games that the leak was real. The content of the leak received mixed reviews, with many calling the game unfinished and rushed, but many criticized these complaints by stating the game was not near completion. The leak itself, however, received negative reception, with many claiming it discredited the work of several employees. Publisher TakeTwo began taking down leaks on several different websites. Rockstar issued a statement on September 19, which stated they were "disappointed" with the leak.
    • The hacker who got the leak also got the source code for Grand Theft Auto V, and announced he would be selling both. Shortly after, he announced the GTA VI source code was no longer for sale, but was still selling the GTA V source code. This has been considered a form of blackmail.
  • On January 25, 2023, leaked archive with approx. 44GB of Yandex services has been published on Torrents.

End-of-life leaks by developers

Sometimes software developers themselves will intentionally leak their source code in an effort to prevent a software product from becoming abandonware after it has reached its end-of-life, allowing the community to continue development and support. Reasons for leaking instead of a proper release to public domain or as open-source can include scattered or lost intellectual property rights. An example is the video game Falcon 4.0 which became available in 2000; another one is Dark Reign 2.

Other leaks

  • In late 1998, a number of confidential Microsoft documents later dubbed the Halloween documents were leaked to Eric S. Raymond, an activist in the open-source software movement, who published and commented on them online. The documents revealed that internally Microsoft viewed free and open-source software such as Linux as technologically competitive and a major threat for Microsoft's dominance in the market, and they discussed strategies to combat them. The discovery caused a public controversy. The documents were also used as evidence in several court cases.
  • Nintendo's crossover fighting video game series Super Smash Bros. has a history of having unconfirmed content leaked. Every game since, including 2008's Super Smash Bros. Brawl has been affected by leaks in some form:
    • Super Smash Bros. Brawl for the Wii was leaked by a video on the Japanese language wii.com website, revealing unconfirmed playable characters on January 28, 2008 (three days before the game's Japanese release).
    • Super Smash Bros. for Nintendo 3DS and Wii U was afflicted in August 2014 by the "ESRB leak", where many screenshots and limited video footage of the 3DS version were leaked by a supposed member of the ESRB. The leak gained traction very quickly due to the screenshots mostly containing elements that the game ratings board would be interested in, such as trophies of suggestively-dressed female characters (some of which were later found to be edited or cut altogether in the final game).
    • Super Smash Bros. Ultimate was leaked in its entirety two weeks before its release, allowing many to play and datamine in advance. While the entire roster of characters and stages had already been officially revealed, many unrevealed collectibles, music tracks, and story elements were discovered and distributed. This prompted Nintendo to issue copyright strikes to many YouTube and Twitch channels.
  • November 2009: Climatic Research Unit email leak, aka Climategate
  • Several high-profile books have been leaked on the Internet before their official release date, including If I Did It, Harry Potter and the Deathly Hallows, and an early draft of the first twelve chapters of Midnight Sun. The leak of the latter prompted the author Stephenie Meyer to suspend work on the novel.
  • 2010 My Little Pony: Friendship Is Magic has been filled with lot of leaks for later seasons on scenes, leaked full song to the theme song, leaked early released episodes before they got aired on Discovery Family, unfinished episodes, 2018–present there was leaks for the generation 5 as My Little Pony: A New Generation was the start.
  • On January 31, 2014, the original uncensored version of the South Park episode "201" was leaked, when it was illegally pulled from the South Park Studios servers and was posted online in its entirety without any approval by Comedy Central. The episode was heavily censored by the network when it aired in 2010 against the will of series creators Trey Parker and Matt Stone, and was never formally released uncensored to the public. The episode was the second in a two parter and was censored after the airing of the first part as a result of death threats from Islamic extremists who were angry of the episode's storyline satirizing censorship of depictions of Muhammad.
  • In 2015 the unaired Aqua Teen Hunger Force episode "Boston" was leaked online. The episode was set to air during the fifth season as a response to a controversial publicity stunt for Aqua Teen Hunger Force Colon Movie Film for Theaters that occurred in the titular city, but Adult Swim was forced to pull it to avoid further controversy.
  • On March 13, 2016, the full list of qualifying teams and first round match-ups for the 2016 NCAA Men's Division I Basketball Tournament leaked on Twitter in the midst of a television special being broadcast by CBS to officially unveil them. The leak exacerbated criticism of a new, two-hour format for the selection broadcast, which was criticized for revealing the full tournament bracket at a slower pace than in previous years.
  • On April 20, 2021, Apple supplier Quanta Computer was hit by a ransomware attack. The attackers began posting documents and schematics of MacBook computer designs as recent as March 2021. The attackers threatened to release everything they had obtained by May 1, 2021, unless a ransom had been paid, however nothing further came out of the breach.
  • On March 6, 2023, the unreleased film Scooby-Doo! and Krypto, Too!, a crossover involving Scooby-Doo and Krypto the Superdog was allegedly canceled, and was leaked online. It was alleged to be cancelled as tax write-off for parent company Warner Bros. Discovery's cost savings effort. On July 26, 2023, it was confirmed to not be cancelled, and a trailer was released on July 27, 2023 with a release date of September 26, 2023.
  • On May 6, 2023, a Twitter user leaked the trailer for the Five Nights at Freddy’s film. Universal Pictures and Blumhouse worked to have videos of the trailer taken down.
  • On January 3, 2024, a Twitter user leaked the screenshots of 3 new minions and the plot for Despicable Me 4 weeks before the trailer launched and was claimed that it would appear at Super Bowl LVIII but screenshots were taken down by Universal & Illumination. Only 2 descriptions of the plot leak was confirmed true, while the third was false for Edith, Agnes and Margo were going to be teenagers. The trailer was released in January 28, 2024.

See also


This page was last updated at 2024-03-13 15:18 UTC. Update now. View original page.

All our content comes from Wikipedia and under the Creative Commons Attribution-ShareAlike License.


Top

If mathematical, chemical, physical and other formulas are not displayed correctly on this page, please useFirefox or Safari