A critical server unprotected by a password has apparently left important MoviePass customer information exposed, TechCrunch reports. Up to 58,000 records containing card data was apparently found in the exposed database.
According to the report, many of the records included MoviePass customer card numbers:
These MoviePass customer cards are like normal debit cards: they're issued by Mastercard and store a cash balance, which users who sign up to the subscription service can use to pay to watch a catalog of movies. For a monthly subscription fee, MoviePass uses the debit card to load the full cost of the movie, which the customer then uses to pay for the movie at the cinema.
More worryingly, some of the records revealed customers' personal credit card numbers, along with billing information, addresses, and names. TechCrunch claims the exposed database included enough information for someone to make a fraudulent card purchase.
That's not all that was left exposed:
The database also contained email address and some password data related to failed login attempts. We found hundreds of records containing the user's email address and presumably incorrectly typed password — which was logged — in the database. We verified this by attempting log into the app with an email address and password that didn't exist but only we knew. Our dummy email address and password appeared in the database almost immediately.
None of the records in the database were encrypted.
TechCrunch's report says the database may have been exposed for several months; it has since been taken offline. The publication said it reached out to MoviePass for comment but a spokesperson did not get back.
If you're a MoviePass subscriber and want to cancel your account, check out this guide.
How to cancel your MoviePass account on iPhone and iPad
Review: The Oura Smart Ring gives you deeper insights into your health
If you're not satisfied with the Apple Watch's very basic sleep tracking, then you should consider another wearable on your finger. With the Oura Smart Ring, you won't even know it's there.
Will Nintendo's beloved indies be negatively affected by the Steam Deck?
With the Steam Deck looking to be the second handheld console hybrid on the market, some are worried about how it will affect the Nintendo indies we've come to love.
Chinese iPhone users angry about Siri Olympic medals gaffe
iPhone users on Chinese social media have expressed their displeasure at a glitch which meant Siri couldn't read out the number of medals China has won at the Olympic Games, some even claiming Apple had done it deliberately.
All the Nintendo Switch games coming in August 2021!
If you're in the market for new Nintendo Switch games, here are the ones being released in August. Highlights include No More Heroes 3, Greak: Memories of Azur, and KeyWe.