The Russian media streaming platform "START" (start.ru) confirmed that he suffered a data breach affecting 7.5 million users.
In a statement, the platform's administrators said that the attackers managed to breach its systems and steal a base data of 2021. The worst thing is that samples of this base are already circulating on the internet.
See also: Phishing: Hackers hide malware in James Webb image
The stolen database contains addresses email, phone numbers and usernames. The streaming platform START believes that this data is of little interest to cyber criminals.
![Pinterest](https://pinterest.com/pin/create/button/?url=https://www.secnews.gr/en/418106/start-rosiki-streaming-platforma-ipesti-paraviasi-dedomenon/&media=https://www.secnews.gr/wp-content/uploads/2022/08/START-streaming-min.jpg&description=Η ρωσική media streaming πλατφόρμα "START" (start.ru) επιβεβαίωσε ότι υπέστη παραβίαση δεδομένων που επηρεάζει 7,5 εκατομμύρια χρήστες.){kind=link}
The Russian media streaming platform claims that the data breach has not affected other more important information, such as financial data, bank card data, browsing history or passwords users, as this information was not in the stolen database.
“We have already fixed the vulnerability and access to the data is no longer possible", says START in her statement on Telegram.
Although a universal reset of accounts is not required, it is recommended that all users to change their codes access to them when a data breach occurs.
See also: Nelnet breach reveals student loan data
START streaming platform: Data breach affected 7.5 million users
Rumours of a START data breach first emerged on Sunday, 28 August, when a file with information of almost 44 million users of the streaming platform started to be distributed via a social network.
Many of these entries relate to test accounts. However, the file contains 7.455.926 unique email addresses, which is probably close to the actual number of exposed users.
The Russian news agency Medusa reports that it randomly tested entries from the leaked database in the password START's recovery tool, and all logins turned out to be valid.
One discrepancy between START's statement and the leaked database is that the latter contains md5crypt-hashed passwords, IP addresses, login logs and subscription details, which have not been included in the official statement of the streaming platform.
See also: Windows 11: Which settings to change to enhance privacy?
Russia: stricter rules on data leaks
Due to increased cyber attacks against Russian internet platforms, Moscow is implementing methods to defend users' data from unauthorised access.
Last week, Kommersant reported that the Ministry of Digital Development is promoting a plan to create a registry of "unacceptable IT security practices" to help raise awareness among leaders of organizations.
Earlier this month, the ministry proposed the creation of a a fund to be used to compensate victims of spills data. This fund seems to be will be supported by the fines imposed the entities responsible for the security breaches.
Source : www.bleepingcomputer.com