OpenSubtitles hacked, 6.7 million users' data leaked online

OpenSubtitles, one of the biggest online subtitle download services for movies and series, suffers a data breach, which led to 6.7 million users' data leak onto the internet.

The massive leakage is the result of a hacker attack detected in August 2021 but not revealed to the public until now; the victim paid the demanded redemption, but the stolen information was published contrary to the agreements.

On Jan. 18, the company published a statement where informed that it was hacked:

According to OpenSubtitles, all users data was accessed by the attackers, including username, password and email address.

Troy Hunt, creator of the Have I Been Pwned data breach notification service, commented on the OpenSubtitles data security incident:

The OpenSubtitles owners say they didn't use salted MD5 passwords because they had "little knowledge of security" when theгк site was created in 2006. The cause of hacking was the low level of website protection from intruders, and the OpenSubtitles promised to fix it:

We should have spent more energy on securing the site and kick out the old MD5() without salted passwords long time ago.

Marketing company has become another recent victim of the ransomware operators. RR Donnelly confirmed that it suffers a data leak due to the Conti ransomware group.