OpenSubtitles Hacked-  Data Breach Affected 7 Million Subscribers

OpenSubtitles has acknowledged the data breach and confirmed that hackers managed to steal and leak email, hashed passwords, and usernames.

OpenSubtitles is one of the most popular subtitles websites that’s the latest victim of hacking leading to a data breach. According to the site admin OSS, a hacker notified them via Telegram in August 2021, confirming that they accessed their user data.

OSS revealed that they didn’t implement robust security measures as cybersecurity wasn’t such a critical issue back in 2006 when the website was launched. In the preceding years, they didn’t improve the site’s security. That’s why attackers could compromise the website by hacking a SuperAdmin’s low-security password and accessing user data after performing SQL injection.

What Data was Compromised?

The attacker downloaded the SQL dump, including usernames, passwords, and email addresses of almost 7 million users (6,783,158). However, the website admin OSS has confirmed that credit card details weren’t compromised in the attack because these are stored on another platform.

But, as per the details shared by Have I Been Pwned, the data dump also included the user’s IP addresses and geographic location.

Screenshot from OpenSubtitles’ blog post

About OpenSubtitles

OpenSubtitles is a famous subtitle repository where millions of subtitle files are downloaded weekly in different languages to be paired with downloaded TV shows and movies. The website was launched by a Slovakian programmer who developed this idea while drinking beer at a local pub. 

Attacker Demanded Ransom

The website admin stated that the attacker demanded a huge ransom from them in August for not disclosing the attack, and payment had to be made in Bitcoin. The attackers promised that they would also cooperate with OpenSubtitles to close the security flaws and delete the data dump.

However these were fake promises because even after receiving the ransom, the attackers never contacted them. On 11 January 2022, the attackers leaked the data online.

Related Posts