The START streaming platform confirms a breach in its system

September 7, 2022
Russia START Streaming Platform Data Breach

The Russian-based START streaming platform has admitted that they are affected by a data breach incident, impacting approximately seven million users.

The admin of the platform revealed that the network infiltrators have stolen last year’s database from its systems and are now exposing pilfered samples on the internet. The database from 2021 included several essential details from the platform’s users, such as email addresses, phone numbers, and usernames.

 

The START streaming platform stated that no critical information was compromised during the breach.

 

A spokesperson from the streaming platform emphasised that hackers are very peculiar to stealing such data from users since they cannot utilise it to execute an account takeover attack.

Fortunately, the breach has not compromised critical data like financial information, bank card details, user passwords, and browsing history because the 2021 data did not store any mentioned information.

In addition, START researchers revealed that they have already repaired the flaw used by the threat actors to access their data. As of now, the streaming platform’s data access is closed temporarily.

Experts indicated that even though a reset is not mandated to START users, it is still suggested that users should change their passwords for safety measures.

The trending stories about a data breach attack against START were first heard by researchers from different users last week when a 72-gigabyte worth of MongoDB JSON dump that contained information of over 40 million users started to appear all over a social networking site.

Most samples are test accounts, but the dump included about 7.5 million unique email addresses, likely close to the number of affected users.

The record’s date reaches September 22, 2022. Hence, the incident does not impact users registered with the service after that timeline. Furthermore, a distinct Russian news outlet reported that they had tested random entries from the leaked database on START’s password recovery feature, and all logins are valid.

The problem with START’s statement is that it does not explain how the leaked dump contained IP addresses, login logs, and subscription information. Therefore, users of this streaming platform are advised to be more vigilant regarding their accounts.

About the author

Leave a Reply