Posted on December 5, 2020 at 3:52 PM
A recent report by Bleeping Computer alleged that the Pluto TV service has been hacked and data of 3.2 million users have been leaked. The stolen data include hashed passwords, IP addresses, and email addresses of the users.
As one of the leaders in the free online TV industry, Pluto TV offers several ad-sponsored TV channels that include real-life networks, gaming, movies, and other genres.
The online TV platform is not part of the growing list of online streaming networks that have been attacked this year.
After the attack, the database from the company has been exposed online by the hackers, who are probably demanding ransom payments from the victimized company.
Notorious hacking group resurfaces
According to the report, the notorious ShinyHunters hacker group is probably responsible for the attack. The group is known for carrying out notable attacks, including Microsoft’s private GitHub repository.
The hacking group has been largely quiet for the past few weeks, as the number of database attacks reduced significantly. However, it appears the group has resurfaced. Apart from the attack on Pluto TV, the group has also attacked other services such as the Geekie educational platform and the Animal Jam online game for children.
The ShinyHunters hacking group previously shared hacked customer records from 17 firms and was responsible for the Microsoft private GitHub repository hack earlier in the year.
Low-level hackers are now trading the database of user information the hackers stole from Pluto TV.
However, the report revealed that Pluto TV kept the hacking incident hidden from its customers and the public, which is seen as quite unusual for such a magnitude of the attack.
Generally, companies try to disclose any attack to their customers as soon as the attack is confirmed. The reason is to inform customers whose data were affected. It will ensure that the affected customers take proactive measures to prevent any future phishing attacks.
However, Pluto TV decided not to disclose the attack even when the stolen data includes hashed passwords.
A Pluto TV user said he has “received a password reset about it.” The user, who wants to stay anonymous, said he even contacted Pluto TV but did not receive any communication regarding the incident.
Another user says he sends a DM to Pluto TV a few days ago about the incident, but surprisingly the company has not replied since.
Pluto TV is an advertiser-driven free TV streaming platform with 28.4 million users. Google Play Store page of the platform shows that the app has been downloaded more than 10 million times.
Leaked data samples share on darknet forums
A low-level data trader shared a sample of the stolen database. The hashed passwords come with a bcrypt algorithm, which makes it more unlikely to decrypt to gain users’ information. According to the report, the stolen data is likely from 2918.
Bleeping Computer reiterated that all shared email addresses from the sample were verified and linked to Pluto TV members. The low-level hackers have already started trading the leaked data.
However, Pluto TV said it was discussing the hack with only users who have contacted the company. According to the firm, the matter is still under investigation and there are no additional details that are different from what is already known about the incident.
But on Thursday, Pluto TV told Motherboard it was only communicating about the breach with users who have reached out to the company.
“We are communicating with users who have reached out to us directly to address any questions or concerns,” Pluto TV pointed out.
Fortunately, the compromised data is from records gathered from two years ago, which is almost the time Pluto started getting popular. There are no credit card details stolen from the hack since the firm doesn’t offer paid plans that will require filling in credit card details.
Pluto TV later released a statement saying it hasn’t confirmed the data breach, adding that it hasn’t verified the authenticity of the claim.
According to Pluto, it takes the data security of its clients very seriously as any attempt to compromise users’ details on its platform is treated with utmost priority.