Security Affairs
Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Russian streaming platform Start discloses a data breach impacting 7.5M users

The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 million users. The Russian media streaming platform START disclosed a data breach that impacted 7.5 millions of its users. According to the company, the attackers stole a 2021 database from its infrastructure and also shared a samples online to demonstrate the authenticity of […]

Start streaming service

The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 million users.

The Russian media streaming platform START disclosed a data breach that impacted 7.5 millions of its users.

According to the company, the attackers stole a 2021 database from its infrastructure and also shared a samples online to demonstrate the authenticity of the claims.

Russian news outlet Medusa verified that the leaked data are valid.

“As follows from the leak, 24.6 million Start users registered from Russia, 2.3 million from Kazakhstan, 2.1 million from China, and 1.7 million from Ukraine.” reads the post published by Medusa news outlet.

“Specialists randomly checked random entries from the database through the password recovery function on the online cinema website: all logins turned out to be valid.”

Stolen data include email addresses, phone numbers, and usernames, while financial data were not exposed. The company added that browsing history or passwords were not included in the stolen database.

“The base is not of great interest to intruders, the most significant thing it includes is an email or phone number from which the user could connect.” reads the data breach notice published on Telegram. “There are no clear passwords, browsing history, and most importantly, there are no bank card data and other financial information in the database. It is not necessary to change the password, but we recommend that all users do this regularly and come up with unique ones for each service.”

Start streaming service

On August 28, threat actors started sharing, via a social network, a MongoDB JSON dump (72GB) containing information of 44 million users.

According to BleepingComputer, the database contains 7,455,926 unique email addresses belonging to Start users.

BleepingComputer added that the leaked dump also includes md5crypt-hashed passwords, IP addresses, login logs, and subscription details, which were not included in the initial statement released by the company.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]