A security researcher discovered that a network AMC US television has inadvertently revealed more than 1.6 million records of its users’ mistaken subscription to both its broadcast services Sundance Now and Shudder.
The leaked information included the e-mail data of the subscribers, in addition to the type of payment plan they followed, and 3,000 vouchers of the last 4 digits of the credit cards paid.
Although the report did not mention that the leaks included any full payment data or information considered to be highly sensitive to risk in this regard, but at the same time the leaked database contains the video analytics data collected by the video analysis company Youbora, with more than 441,943 records included titles IP User, country, city, state, zip code, location coordinates, and details of the devices they use to view broadcast content.
The purpose of this information is to use broadcasters but can be accessed by anyone who has discovered the database.
The network has been alerted AMC the problem was solved by the security group, after which the database was hidden and access denied by the users.
However, independent Cyber Security Consultant Bob Diachenko discovered the gap of the company security that AMC did not facilitate detection of the problem.