Football player hacked live during NFL draft

Experts had Laremy Tunsil flagged as one of the top prospects in Thursday night’s NFL draft. But shortly before the opening pick, something disturbing happened. An incriminating video tweeted from...
Rob Sobers
2 min read
Last updated June 30, 2022

Experts had Laremy Tunsil flagged as one of the top prospects in Thursday night’s NFL draft. But shortly before the opening pick, something disturbing happened. An incriminating video tweeted from Tunsil’s own verified Twitter account showed the Ole Miss star smoking a “marijuana-like substance” from a gas mask.

Laremy Tunsil smoking marijuana from a gas mask

Get the Free Pen Testing Active Directory Environments EBook

“This really opened my eyes to AD security in a way defensive work never did.”

It quickly became clear that Tunsil’s account was hacked by someone who not only had damaging information on the player, but a deep desire to sabotage his career.

This meticulously-timed hack caused Tunsil’s stock to plummet – though he was eventually nabbed by the free-wheeling Miami Dolphins with the 13th overall pick – and may have cost him more than $13 million.

The nightmare doesn’t end there. Moments after being picked, more information was leaked. This time, LT’s hacked Instagram account posted two screencaps of text conversations that show him asking an Ole Miss coach for money to help pay his rent and his mom’s electric bill, which would be a violation of NCAA rules.

Keep in mind, the Instagram leak was unfolding as Tunsil was being interviewed live by the media, catching him completely off guard:

Meanwhile, back at Ole Miss, the powers that be are all:

Michael Scott from the Office

OK, so this is a bloody disaster. Clearly someone had access to Tunsil’s accounts long before the draft and had been planning on crushing his dreams.

But who dunnit? Was it a mad ex-girlfriend? A jealous friend who happened to know that his password to everything is, let’s guess, “f00tball”? The stepfather with whom he is engaged in a lengthy legal battle? A fellow Ole Miss student who watched him type his password in the computer lab? An actual hacker who phished his credentials and tried to extort him?

It’s not yet clear who hacked Tunsil, but what is crystal clear is that his agent doesn’t understand cybersecurity. Here’s his statement:

Agent's statement on Tunsil hack

Wow. Where do we begin? We could make educated guesses about what “open source hacking” is (why does open source always get dragged through the dirt?!), but I’m more interested in pointing out the embarrassing attempt at deflecting Tunsil’s transgressions. The agent cites the “shortcomings” of the US government and some mythical Silicon Valley cybersecurity conglomerate as the real issue. As if we had big switch labeled “allow hacking” that we could flip on and off.

For the sake of everyone who is trying to help make the world’s information more secure, I truly hope this statement gets the ridicule it deserves as a lame PR jiu-jitsu tactic and isn’t a reflection of how the layperson thinks cybersecurity works.

UPDATE 4/29 3:03PM ET: Alas, the agent’s statement turned out to be false (or at least unconfirmed; the story is still developing). Bad on me for believing a statement this ignorant could be real, but sadly the mainstream commentary around infosec has made it hard to distinguish misguidance from parody.

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

do-executives-and-cybersecurity-pros-agree-on-today’s-biggest-cyber-threats?
Do Executives and Cybersecurity Pros Agree on Today’s Biggest Cyber Threats?
Breaches cost companies billions, erode trust and can have a long-lasting negative impact on a company’s brand. With so much as stake, we wondered: are C-Suite executives aligned with their...
speed-data:-the-principles-of-grc-with-hannah-dewane
Speed Data: The Principles of GRC With Hannah DeWane
Hannah DeWane at Varonis shares her day-to-day world of security audits and the wonderful world of risk management.
speed-data:-the-next-generation-of-cybersecurity-with-mark-weber
Speed Data: The Next Generation of Cybersecurity With Mark Weber
Executive in Residence for the Catholic University of America Mark Weber shares tips for mentoring future cybersecurity professionals.
speed-data:-preparing-for-the-unknown-in-cybersecurity-with-ian-hill
Speed Data: Preparing for the Unknown in Cybersecurity With Ian Hill
Ian Hill, the Director of Information and Cybersecurity for Upp Telecommunications, offers his take on AI and the future of tech, shares his tricks for a good cyber defense, and explains why the best-laid plans of mice and security professionals often go astray.