Cyber Incident Victim: Netflix

On December 20, 2025, the hacking group OurMine compromised the official Twitter accounts of Netflix US, Marvel Entertainment, multiple Marvel character accounts (including Black Panther, Captain America, Iron Man, Ant-Man, Thor, and Doctor Strange), and the National Football League (NFL). The group initiated the attack by first gaining control of Netflix's US Twitter account late Tuesday night, posting messages to followers highlighting the account's inadequate security measures. Netflix administrators subsequently regained control and deleted the unauthorized tweets. OurMine then expanded their campaign by targeting Marvel's primary Twitter account and its linked character accounts through Tweetdeck, exploiting the interconnected nature of these profiles managed under a single dashboard. The group concluded their activities by breaching the NFL's official Twitter account, announcing it as their final target for the day.

The incident resulted in temporary disruption of official communications across all compromised accounts, though operators restored control within hours and removed all OurMine-authored content. OurMine communicated directly with IBTimes UK during the attack, asserting their actions were non-malicious and intended to demonstrate cybersecurity vulnerabilities. The Marvel breach specifically revealed operational weaknesses, as the centralized management of linked accounts via Tweetdeck allowed a single point of failure to affect multiple profiles. No data theft, financial demands, or persistent system damage was reported. The affected organizations implemented no publicly disclosed remediation measures beyond account recovery and content deletion, with no mention of enhanced security protocols or forensic investigations in the available reporting.