Zee5, an Indian OTT platform with over 150 million users had a part of its userbase’s data leaked again. Found by Rajshekhar Rajaharia, an internet security researcher, over 9 million users of Zee5 allegedly leaked online earlier this week. This is the second time Zee5 in news for a data breach, with the first one happened in the mid-last year.
Zee5 Data Breach, Again!
It’s quite certain that hackers are targeting OTT platforms lately since they’re growing rapidly amid lockdowns. A number of people flock around home entertainers like Zee5 to sway their boredom while at home. While it did garner benefits for either of the parties, businesses are failing to catch up with the security and privacy of their users in some cases.
9 Million users data alleged leaked from #Zee5 again!! It seems latest data leak on 23rd Feb 2021. I sure no one is going to take responsablity for this too. Now we can say that there is no value of our personal and financial data. Risk is ours.#InfoSec #dataprotection #GDPR pic.twitter.com/gzFTnTQ6W9
— Rajshekhar Rajaharia (@rajaharia) February 27, 2021
This happened with Zee5 last year in May, and now again! As reported by Rajshekhar Rajaharia, an internet security researcher, over 9 million users’ personal data has been leaked online! This includes the users’ first name, last name, email address, date of birth, phone number, username, and the recorded timestamps of when their details were last updated.
Earlier, the case has been even worse with the source code of Zee5, account transactions, and even the passwords being stolen. Though Zee5 denied the initial leak, it’s said to be investigating the current incident and asked the researcher not to expose such cases publicly, and reach directly instead for the sake of viewers’ privacy.
While this invoked some harsh replies from some users, it’s still a lesson for the rest of tech companies storing users’ data insecurely, and also to the government for not taking appropriate actions on such loose companies. As of now, it’s suggested that all Zee5 users reset their current passwords and update them with new and strong ones.