The promotional campaign for a movie typically unfolds in a series of carefully orchestrated steps: a teaser, a trailer, perhaps a billboard or two in Times Square, and finally the premiere itself. What the promotional campaign does not typically include is an anonymous account on X posting the entire film two months early, followed by superfan watch parties and counterfeit DVDs appearing on eBay before the opening weekend has even been scheduled.

Yet that is more or less what happened to Paramount Pictures and its animated feature "Legend of Aang: The Last Airbender," which was supposed to make its debut on Paramount+ in October but instead made its debut on the internet in April, courtesy of a hacker who told The Hollywood Reporter he "decided I'd troll a little bit."

The incident has metastasized — there is really no other word for it — into a crisis that touches on the entertainment industry's persistent vulnerability to digital break-ins, a problem that has not gone away despite the billions of dollars studios have invested in cybersecurity since the Sony Pictures hack of 2014.

Paramount has conducted an investigation and concluded that it was not responsible for the breach, according to a person familiar with the situation, which would point to a third-party platform with access to the film. Vision Media, a screening company that handles awards promotion for studios including Disney, NBCUniversal, Netflix and Paramount, is now investigating whether the leak can be traced to vulnerabilities in its own servers.

(Awards screeners have long been the soft underbelly of Hollywood security. The piracy group Hive-CM8 uploaded "The Hateful Eight," "The Revenant" and "Creed" in 2015 after physical screeners were stolen, which suggests the industry learned something but perhaps not everything.)

A 26-year-old man was arrested in Singapore in connection with the leak, according to The Straits Times. Several digital breadcrumbs point to Devesh Logendran, a hacker previously charged in 2018 for infiltrating the N.F.L.'s Twitter account while affiliated with a collective called PeggleCrew, according to a gray-hat hacker who investigated the breach.

The film, based on the Nickelodeon animated series that ran from 2005 to 2008 and enjoyed a remarkable second life on Netflix in 2020, was originally slated for theatrical release before plans changed following the Skydance merger. A petition protesting the streaming-only strategy collected nearly 100,000 signatures.

"What I did was kind of unprecedented," the hacker told The Hollywood Reporter. "I didn't really register the consequences."

The consequences, of course, will be registered by others — including the cast and crew whose work will now compete with the version that has already circulated freely. The hacker also claimed that more content is coming: "There's more under the tip of the iceberg."

It is a mixed metaphor, but the threat appears to be real enough.

Original story published in The Hollywood Reporter: "The Lost 'Airbender': How Paramount's Movie Hack Spiraled Into a Crisis"