"Lionsgate Streaming Platform with 37M Subscribers Leaks User Data"

According to research conducted by Cybernews, the entertainment industry giant Lionsgate leaked users' IP addresses and details about the content they have viewed on its movie-streaming platform. Researchers discovered that the movie-streaming platform Lionsgate Play had exposed user data via an open ElasticSearch instance. They found 20GB of unsecured server logs containing nearly 30 million entries, the oldest of which was from May 2022. The logs exposed subscribers' IP addresses together with information on their devices, operating system, and web browser. Logs also revealed the platform's usage data, which is commonly used for analytics and performance tracking. URLs found in logs contained the titles and IDs of the content that users watched, as well as their search queries. Researchers also discovered unidentified hashes with logged HTTP GET requests, records of client requests usually used to get data from a web server. Malicious actors can use the combination of IP addresses and device information to launch targeted attacks on users and deliver malicious payloads to their devices. This article continues to discuss the leak of user data by the video-streaming platform Lionsgate Play.

Cybernews reports "Lionsgate Streaming Platform with 37M Subscribers Leaks User Data"