![]() ![]() The website owner says he has accepted his mistake and learned his lesson the hard way. But short easy passwords, especially if they are in the English dictionary, can rather easily be extracted from this data." Customers whose data was leaked were advised on the site: "If you used a strong password - let's say at least 8 characters with lowercase, uppercase, number and special characters - you should be safe. The owner says the site didn't use salted MD5 passwords because he had "little knowledge of security" when the website was created in 2006. OpenSubtitles said that, "Most users didn't use strong passwords it means hackers can get access to user accounts." The passwords of user accounts that OpenSubtitles stores at the backend were unsalted MD5 hashes, which could be another reason why the owner paid the ransom. I would also like to know."Ī red-alert warning to users was put on the website home page, on unsuccessful login and on its forum prior to notification by Troy Hunt, the owner tells ISMG. I don't have any knowledge that the data is available on hacker forums or similar. He tells ISMG: "I believe the hacker sent it directly to Mr. The owner refused to pay again, and "it went to today's situation," he says. The owner tells ISMG that he believed he had a "gentleman's agreement" with the hacker that the data would not be revealed, given that the hacker had been helpful in securing the website and "seemed trustworthy." Unfortunately, after having paid the initial ransom, two weeks ago, the attacker's friend - believed to be the attacker - contacted the owner wanting more money. This script allowed him to perform SQL injections and extract the data. ![]() ![]() "He explained how he could gain access and helped fix the error." The owner tells ISMG how the attacker was able to hack the low security password of a SuperAdmin using a brute force attack and gained access to an unsecured script that was available only for SuperAdmins. Initially, OpenSubtitles' owner said he was apprehensive about paying the ransom, but he gave in when the hacker promised to help secure the website - which he did. Instead, he says, it was a genuine old-school ransom demand made in exchange for deleting the data that was leaked through the OpenSubtitles SQL database. Hunt tells ISMG that this was not a ransomware attack in which data was encrypted and a ransom was demanded in exchange. I don't want to disclose the amount, but it was a lot for me," the owner tells ISMG, adding that the attacker had promised to delete the data. " showed us proof that he could gain access to the user table of Opensubtitlesorg, and downloaded an SQL dump from it," the forum post says.Īfter contacting the owner, the hacker asked for a ransom, to be paid in bitcoins, in exchange for not disclosing the attack or subsequently leaking details of the platform's subscribers. On a forum on the site, the owner says the hacker provided a proof of concept demonstration to the website owner to gain his trust. OpenSubtitles' owner tells Information Security Media Group, "To my knowledge it was 6,812,134 users - a couple of thousands of them were imported and never logged in." He says he learned about the breach through a Telegram message sent by the hacker. 75% were already in Read more: - Have I Been Pwned JanuWhat Happened Data included email and IP addresses, usernames and unsalted MD5 password hashes. New breach: Open Subtitles had almost 7M accounts breached and ransomed in Aug. The OpenSubtitles data breach affects 6,783,158 users of the platform and includes personally identifiable data such as email and IP addresses, usernames, user's geolocation and passwords stored as unsalted MD5 hashes, says Troy Hunt, creator of the Have I Been Pwned data breach notification service. See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources The site owner reports that he paid the ransom, but the stolen dataset has now surfaced and it appears that it could be circulating on some underground forums. OpenSubtitles, a website providing free movie subtitles, confirmed to its users this month that it had been hacked last August and that the hacker had demanded a ransom to remain silent about the attack and to delete the leaked data. ![]()
0 Comments
Leave a Reply. |