MovieBoxPro
  • Total Records6,056,814
  • Unique Emails5,985,874
  • Unique Usernames5,979,885

MovieBoxPro Data Breach Exposed Over 6 Million Records in April 2024

In April 2024, MovieBoxPro—a popular streaming service—experienced a data breach that exposed over 6 million user records. Attackers exploited a vulnerable application programming interface (API), enabling them to scrape email addresses and usernames belonging to the service’s user base. The incident was notable not just for its scale, but also because MovieBoxPro initially lacked accessible contact information for incident disclosure, highlighting gaps in the platform’s security measures at the time. After the breach was discovered, the underlying API vulnerability was reportedly addressed, but the exposed data had already spread across the internet.

What Happened in the MovieBoxPro Breach?

The breach occurred when an insecure API endpoint allowed unauthorized parties to access and collect user details. Rather than relying on classic hacking techniques, the attackers systematically scraped the exposed data. This method enabled them to amass more than 6 million unique records—including emails and usernames—without tripping defensive alarms that more traditional attacks might trigger.

Timeline of the Breach

  • April 2024: The vulnerability in the MovieBoxPro API was exploited, and user data was scraped.
  • Discovery: The breach came to light following reports of data circulating online. It became clear that the API had enabled large-scale exposure of personally identifiable information.
  • Mitigation: After learning of the exposure, MovieBoxPro moved to patch the vulnerable API, effectively stopping further data leaks.

What Data Was Exposed?

The scraped data included the following user information:

  • Email addresses
  • Usernames

No payment data, passwords, or more sensitive personal information were known to be involved in this specific breach. However, with email addresses and usernames exposed, users may have faced increased risks of targeted phishing attacks or spam.

Scope and Impact

Altogether, 6,056,815 records were impacted during this incident. That means millions of users had some of their account information made publicly accessible. The scale of this breach places it among notable streaming service exposures in recent years, emphasizing the importance of API security and responsible data handling in the streaming industry.

Frequently Asked Questions

How many users were affected in the MovieBoxPro data breach?

Over 6 million users had their email addresses and usernames exposed in the MovieBoxPro breach in April 2024.

What information was leaked in the MovieBoxPro breach?

The primary information compromised included email addresses and usernames linked to MovieBoxPro accounts.

When did the MovieBoxPro data breach happen?

The breach was carried out and discovered in April 2024.

How was the MovieBoxPro API vulnerable?

An insecure API endpoint allowed attackers to systematically scrape user data, resulting in large-scale exposure of email addresses and usernames.

How can I check if I'm in the MovieBoxPro breach?

You can check if your information was part of the MovieBoxPro breach by utilizing the DeHashed search engine.