According to TorrentFreak, the leaked episodes were downloaded more than 1 million times in the space of 18 hours from sites including The Pirate Bay, RARBG and KickassTorrents.
In response, HBO provided the following statement to Deadline; "Sadly, it seems the leaked four episodes of the upcoming season of 'Game of Throne' originated from within a group approved by HBO to receive them. We're actively assessing how this breach occurred."
Tripwire senior security analyst Ken Westin told eSecurity Planet by email that the leak should serve as a clear example of the challenges of supply chain security in relation to data. "There is a great deal of demand for 'Game of Thrones' episodes, as it has an incredible fan base, so there is a great deal of motive to find and leak the material," he said.
"The motion picture industry is compromised of multiple partnerships, no one studio does everything from beginning to end, things like effects, audio mastering, translation and subtitles and a whole host of other work may be farmed out to other entities," Westin added.
And the marketing process requires that "screeners" be sent to reviewers. "These screeners are watermarked and require a legal agreement not to share the material, however these watermarks can be found and blurred so they cannot be identified when movies are then leaked," Westin said.
"In many respects the same risks that a movie may go through mirrors that of customer data or other forms of intellectual property, where multiple parties may use the data and it can be passed around and accessed by many different parties," Westin added. "The more demand there is for a given type of data and the more people involved who have access to it, the more likely it is to be compromised by a trusted insider."
According to Vormetric's 2015 Insider Threat Report, fully 93 percent of U.S. IT decision makers feel their organizations are somewhat or more vulnerable to insider threats. The survey also found that 59 percent of respondents believe privileged users pose the greatest threat to their organizations.
A recent eSecurity Planet article offered a wide range of advice on methods of improving data security.