[BreachExchange] Hacker shares 3.2 million Pluto TV accounts for free on forum

Destry Winant destry at riskbasedsecurity.com
Wed Nov 18 10:37:20 EST 2020


https://www.bleepingcomputer.com/news/security/hacker-shares-32-million-pluto-tv-accounts-for-free-on-forum/

A hacker is sharing what they state are 3.2 million Pluto TV user
records that were stolen during a data breach.

Pluto TV is an Internet television service that lets you stream free
TV shows with advertisements. The service has over 28 million members,
and its mobile apps have been installed over 10 million times.

Pluto TV database leaked on a hacker forum

Over the past week, threat actors have been releasing user databases
for farious commercial websites that were stolen during data breaches
on a hacker forum.

All of these breaches are said to be done by a threat actor named
ShinyHunters, who has been responsible for numerous data breaches and
the hack of Microsoft's private GitHub repository in the past. For the
past few months, though, ShinyHunters has disappearedd, and fewer data
breaches have been reported.

Since ShinyHunters reappearance, numerous data breaches have been
confirmed, including Animal Jam, 123RF, Geekie, Athletico, Wongnai,
RedMart, and many others.

On Wednesday, a threat actor shared what they say is a Pluto TV user
database containing 3.2 million user records. This data breach is once
again attributed to ShinyHunters.

Pluto TV database is offered for free

The samples of the database seen by BleepingComputer contains a
member's display name, email address, bcrypt hashed password,
birthday, device platform, and IP address.

Sample of Pluto TV records in the database

The data in this breach appears to be two years old, with the latest
record created on October 12th, 2018.

BleepingComputer has confirmed that all of the email addresses shared
in the sample are actual members of Pluto TV. This leads us to believe
that the data breach is valid.

In a statement to BleepingComputer, though, Pluto TV has not confirmed
if the data breach occurred, and only that they are investigating.

"While at this time, we cannot verify the veracity of this claim, any
attempt to compromise the security of our users, platform, or details
are treated with the utmost priority. We are investigating the
matter," Pluto TV told BleepingComputer.

What should Pluto TV users do now?

As some of the exposed data has been confirmed as accurate, it does
appear that legitimate info was exposed.

Out of an abundance of caution, it is suggested that all Pluto TV
users immediately change their passwords.

If you use the same Pluto TV password at other sites, it is strongly
recommended that you change them there as well. You can use a password
manager to help keep track of unique passwords at every site.


More information about the BreachExchange mailing list