MagentaTV

Cybernews discovered an unprotected database belonging to MagentaTV, a streaming platform owned by Deutsche Telekom, which exposed sensitive customer data for months. The database contained over 324 million logs, including IP addresses, MAC addresses, session IDs, customer IDs, and HTTP headers. This information could potentially be used for session hijacking, impersonation, location tracking, and targeted phishing attacks. The data leak began in February 2025 and was secured only after Cybernews alerted the company.

Source: https://www.techradar.com/pro/security/massive-streaming-service-data-leak-sees-over-324-million-records-breached-heres-what-we-know

TPRM report: https://www.rankiteo.com/company/magenta-tv

"id": "mag337080725",
"linkid": "magenta-tv",
"type": "Breach",
"date": "2/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Millions',
                        'industry': 'Telecommunications',
                        'location': 'Germany',
                        'name': 'MagentaTV',
                        'type': 'TV and Streaming Platform'}],
 'attack_vector': 'Unprotected Elasticsearch Instance',
 'customer_advisories': 'Users should be on their guard',
 'data_breach': {'file_types_exposed': 'Logs',
                 'number_of_records_exposed': '324 million',
                 'personally_identifiable_information': 'IP addresses, MAC '
                                                        'addresses, session '
                                                        'IDs, customer IDs',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'IP addresses, MAC addresses, '
                                             'session IDs, customer IDs, user '
                                             'agents, HTTP headers'},
 'date_detected': 'June 2025',
 'date_publicly_disclosed': 'June 2025',
 'description': 'Cybernews found an unprotected database containing sensitive '
                'data on millions of MagentaTV users. Around 324 million logs '
                'were contained within. The database has since been locked '
                'down, but users should be on their guard.',
 'impact': {'brand_reputation_impact': 'Potential damage due to sensitive data '
                                       'exposure',
            'data_compromised': 'IP addresses, MAC addresses, session IDs, '
                                'customer IDs, user agents, HTTP headers',
            'identity_theft_risk': 'High',
            'systems_affected': 'Elasticsearch instance hosted by '
                                'Serverside.ai'},
 'investigation_status': 'Resolved',
 'post_incident_analysis': {'corrective_actions': 'Database locked down',
                            'root_causes': 'Unprotected Elasticsearch '
                                           'instance'},
 'references': [{'source': 'Cybernews'}],
 'response': {'containment_measures': 'Database locked down',
              'third_party_assistance': 'Cybernews'},
 'title': 'MagentaTV Unprotected Database Leak',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Unprotected Database'}

MagentaTV

Retail Merchandising Services: Retail Merchandising Services Data Breach Claims Investigated by Lynch Carpenter

AstraZeneca: Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach

Give Light: Susan Solves It: Data Breach Protection