A MoviePass database that was left unsecured may have exposed the credit card and customer card information of nearly 60,000 of the movie subscription service’s customers, TechCrunch reported this week.
Security researcher Mossab Hussein discovered the trove of unsecured records, which included names, email addresses, card expiration dates, and home addresses of some users. Hussein said the information may have been publicly accessible and vulnerable to misuse by cybercriminals for several months.
MoviePass confirms the incident
In a statement on Wednesday, MoviePass said it immediately secured the unprotected server once the vulnerability was discovered. The company said affected customers will be notified after it conducts its own research into how many customer records were exposed.
“MoviePass recently discovered a security vulnerability that may have exposed customer records. After discovering the vulnerability, we immediately secured our systems to prevent further exposure and to mitigate the potential impact of this incident,” said MoviePass chief executive Mitch Lowe.
“MoviePass takes this incident seriously and is dedicated to protecting our customers’ information. We are working diligently to investigate the scope of this incident and its potential impact on our customers. Once we gain a full understanding of the incident, we will promptly notify any affected subscribers and the appropriate regulators or law enforcement.”
The movie ticketing service, which had more than 3 million customers as of June 2018, has faced financial struggles as a result of its unsustainable business model and growing user base.
Last month, MoviePass announced that it would be shutting down for several weeks to make “improvements” and work on a new version of its app. MoviePass now claims on its website that “service has been restored to a substantial number of our current subscribers and we are hoping to take steps to restore service to all our current subscribers.”
For the time being, MoviePass isn’t letting new customers sign up.