Threat Actor: BitBanish | BitBanish
Victim: Vivamax Philippines | Vivamax Philippines
Price: Listed for sale on a dark web forum
Exfiltrated Data Type: Personal and transactional information of subscribers
Key Points :
- Over 6.8 million subscriber records compromised.
- Data includes full names, phone numbers, email addresses, and subscription details.
- Data files are in JSON format, totaling over 3.08 GB in size.
- Risks include identity theft, phishing attacks, and compromised parental controls.
- No official statement from Vivamax has been released yet regarding the breach.
- Affected users are advised to monitor accounts and update passwords.
Manila, Philippines – A massive data breach has compromised the personal information of over 6.8 million Vivamax Philippines subscribers, with the stolen data listed for sale on a dark web forum. The breach was announced by a user identified as “BitBanish” early this morning, raising substantial concerns regarding data privacy and security among Filipino internet users.
Details of the Breach
Vivamax, a prominent video streaming service operated by VIVA Communications, Inc., experienced a substantial data leak. The attacker accessed Vivamax’s database through API scraping, authenticated with admin privileges. The exposed data includes both personal and transactional information of subscribers.
The Members/Subscribers data file is over 2.08 GB in size, containing more than 6.8 million records in JSON format. This file includes information such as full names, phone numbers, email addresses, country of registration, account creation dates, subscription IDs, subscription start and end times, subscription types (Google, Huawei, Card, Apple, PayMaya), and parental control PINs.
Additionally, the Subscribers’ Transaction data file, approximately 1.0 GB in size, contains multiple transaction rows per subscriber in JSON format.
The leaked data also includes detailed subscription information, such as subscription type, status, subscription ID, content ID, expiry time, and Apple subscription details. These details reveal the environment, receipt type, bundle ID, application version, receipt creation date, original purchase date, product ID, and transaction ID.
The detailed personal and transactional data exposed in this breach poses severe risks, including identity theft, phishing attacks, and other cybercrimes. The inclusion of parental control PINs further elevates the risk, potentially compromising the safety of minors using the service.
Response from Vivamax
As of this writing, Vivamax has not released an official statement regarding the breach. It is anticipated that the company will soon address the incident, detail the security measures being taken, and provide guidance to affected users.
Recommended Actions for Users
Affected users are advised to monitor their financial and online accounts for any unusual activity. It is also recommended to update passwords for all online accounts, especially if they are similar to those used for Vivamax. Implementing Multi-Factor Authentication (MFA) wherever possible can add an extra layer of security. Users should also exercise caution with unsolicited emails or messages requesting personal information to avoid phishing attempts.