A hacker or a group going by the name John Wick and Korean Hackers, claims to have breached the network of ZEE5. They’ve posted a dump containing customers’ sensitive data to support their claims and threatens to expose everything public soon. There are even snippets of DishTV and Ditto TV folders found in the proofs shared by them, citing potential hack on them too!
Source Code and Subscribers Data
ZEE5 is an Indian OTT platform that has over 150 million subscribers. It has more than 100K on-demand content in terms of movies and shows and 80+ live TV channels. The platform has already experienced a leak of their customer’s data earlier this year, and now, a Kanishk Tagade reached out to BleepingComputer explaining about the email he received, which has details about a massive data breach in ZEE5.
BleepingComputer after verifying the email contents report that authors of breach claim to have stolen over 150GB of ZEE5’s private data, which includes the platform’s source code and data, recent transactions, passwords, emails, mobile numbers, email id, messages etc of their customers. A sample of this breach was hosted on BitBucket, where the hacker shared its link to Kanishk and few ZEE5 editors as proof.
Helping For Ethereum?
And since the email was sent via Tutanota, a private and encrypted mailbox service, tracking back the sender is difficult. The only references to him/her/them are the name like John Wick and Korean Hackers.
What’s more interesting here is that they’re seeking to help those companies to have better security walls in return for Ethereum. Yes, hackers explained to BleepingComputer that they’re in talks with ZEE5 to help them for 10 Ethereum.
Further, there are snippets found in the samples from BitBucket that, some folders mentioned as dish-tv and dittotv-databases-backup! And since Dish TV and Ditto TV too belong to Essel Group, the same which owns ZEE5, we doubt the hackers may have hit there too!