Russian streaming platform Start discloses a data breach impacting 7.5M users

Russian streaming platform Start discloses a data breach impacting 7.5M users

The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 million users.

The Russian media streaming platform START disclosed a data breach that impacted 7.5 millions of its users.

According to the company, the attackers stole a 2021 database from its infrastructure and also shared a samples online to demonstrate the authenticity of the claims.

Russian news outlet Medusa verified that the leaked data are valid.

“As follows from the leak, 24.6 million Start users registered from Russia, 2.3 million from Kazakhstan, 2.1 million from China, and 1.7 million from Ukraine.” reads the post published by Medusa news outlet.

“Specialists randomly checked random entries from the database through the password recovery function on the online cinema website: all logins turned out to be valid.”

Stolen data include email addresses, phone numbers, and usernames, while financial data were not exposed. The company added that browsing history or passwords were not included in the stolen database.

“The base is not of great interest to intruders, the most significant thing it includes is an email or phone number from which the user could connect.” reads the data breach notice published on Telegram. “There are no clear passwords, browsing history, and most importantly, there are no bank card data and other financial information in the database. It is not necessary to change the password, but we recommend that all users do this regularly and come up with unique ones for each service.”

Start streaming service

On August 28, threat actors started sharing, via a social network, a MongoDB JSON dump (72GB) containing information of 44 million users.

According to BleepingComputer, the database contains 7,455,926 unique email addresses belonging to Start users.

BleepingComputer added that the leaked dump also includes md5crypt-hashed passwords, IP addresses, login logs, and subscription details, which were not included in the initial statement released by the company.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)




Leave a Reply

Your email address will not be published.