SUMMARY
Hackers claim to have stolen over 150 GB data of live data of ZEE5
The hacker, who goes by the name John Wick, seems to belong to a Korea-based hacking group
The database contains records such as user passwords, email addresses and phone numbers
Update| 10:35, June 7, 2020
Axinom’s CEO Ralph Wagner has said that the company doesn’t manage ZEE5 database nor do Axinom system use the mentioned MySQL database. He also pointed out that Axinom doesn’t operate or manage Zee5 data services. “They use our software to manage content, but they (ZEE5) operate it themselves and the affected databases MySQL is not developed or even operated by Axinom,” he added.
A hacker group has claimed to have gained access to the database of Zee Group’s over-the-top video streaming platform ZEE5.
According to a report in Quickcyber, hackers claim to have stolen over 150 GB live data. They also claim to have access to the source code of the website. The hacker, who goes by the name John Wick, said that they got access to ZEE5’s database and its code repositories on bitbucket.org.
The hacker, which reportedly appears to be a part of a Korea-based hacking group, said that the database contains personal information of users. Interestingly, the group is now looking to put the database for the public to begin selling ZEE5’s users data.
The breach reportedly may have occurred between the end of February and March. Records in the database are said to be as latest as of April 24, 2020. The hackers also have the details of users who have recently bought the subscription of the OTT platform. The database is said to be possessing the information of users who are said to be belonging from all the parts of the country.
The media report suggests that the payments data, which is reportedly managed by Axinom, a contentment management and protection platform which is handling the backend operations of ZEE5. According to the hacker, the database contains personal details of users including transactions, passwords, email addresses, phone numbers, among others.
Inc42 has reached out to ZEE5 seeking confirmation from the company and has asked further details about the breach. We’ll update the story after getting a response from ZEE5.
ZEE5 is home to over 100K hours of on-demand content and more than 80 live TV channels. The platform brings together originals, Indian and international movies and TV shows, music, kids content, cine-plays, live TV programming, and health and lifestyle content through a single window. ZEE5 offers features like 11 navigational languages, content download option, seamless video playback and voice search.
In the last three weeks, cases of data breach and hacks related to Indian application and websites have spiked. Recently, Common Service Centres’ (CSC) website suffered a data breach which compromised personal data of more than 7.26 Mn users in India.
Last month, an unidentified individual was found to be selling personal data of 47.5 Mn Indians alleged to be users of caller ID app Truecaller on the dark web. Also, an independent security researcher has discovered a database of 9.1 Mn Zoomcar users being sold on the dark web by an anonymous hacker.
