The credentials of some 1,023 Premium accounts of the Indian OTT platform Zee5 were found floating on the web in May 2020.
The leaked information revealed the user's id -password as well as the origins of the user's premium plan (e.g. promotional offers), the expiration date of the plan, along with the auto-renewal setting.
The leaked information seemed to be pulled from an API, post successful authentication.
Source: https://hackernoon.com/the-zee5-user-data-leak-that-the-media-didnt-report-on-4p71324y
TPRM report: https://scoringcyber.rankiteo.com/company/zee5
"id": "zee203927622",
"linkid": "zee5",
"type": "Breach",
"date": "05/2020",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 1023,
'industry': 'OTT Platform',
'location': 'India',
'name': 'Zee5',
'type': 'Company'}],
'attack_vector': 'Exposed API',
'data_breach': {'number_of_records_exposed': 1023,
'type_of_data_compromised': ['User IDs',
'Passwords',
'Premium Plan Details',
'Expiration Date',
'Auto-renewal Setting']},
'date_detected': 'May 2020',
'description': 'The credentials of some 1,023 Premium accounts of the Indian '
'OTT platform Zee5 were found floating on the web in May 2020. '
"The leaked information revealed the user's id -password as "
"well as the origins of the user's premium plan (e.g. "
'promotional offers), the expiration date of the plan, along '
'with the auto-renewal setting. The leaked information seemed '
'to be pulled from an API, post successful authentication.',
'impact': {'data_compromised': ['User IDs',
'Passwords',
'Premium Plan Details',
'Expiration Date',
'Auto-renewal Setting']},
'title': 'Zee5 Premium Account Credentials Leak',
'type': 'Data Leak'}