MoviePass user records exposed on public server
21-August-2019
American subscription-based movie ticketing service MoviePass, Inc. has exposed thousands of unencrypted customer card numbers and personal credit cards because a critical server was not protected with a password.
The database was massive, containing 161 million records at the time of writing and growing in real time. Many of the records were normal computer-generated logging messages used to ensure the running of the service - but many also included sensitive user information, such as MoviePass customer card numbers, TechCrunch reported on Wednesday.
A cybersecurity expert named Mossab Hussain, from a Dubai-based firm named SpiderSilk, discovered the unprotected server and shared sample data sets with TechCrunch to confirm that MoviePass was in fact leaving the data unencrypted and accessible to anyone.
There is no information whether MoviePass' customer information was ever collected or disseminated by a malicious third party.
However, Hussain's findings about the state of MoviePass' security are deeply troubling. Given the mountain of controversies MoviePass has faced in the past, it's easy to see how cybersecurity could fall by the wayside, according to The Verge.IANS
- 0
-
-
-
-
Tata Group Offers Rs 1 Crore Compensation to AI171 Crash Victims' Families
Air India Dreamliner Crash Renews Boeing 787 Safety Concerns
Air India London-Bound Plane Crashes After Take-Off in Ahmedabad
How VITians Built Multi-Crore Businesses And How the Campus Nurtures Big Ideas
Garuda Takes Flight Again! Chennai Drone Startup Raises Fresh $1M
