Online video service (OTT) Tving said on the 3rd that it had confirmed indications of a personal information leak.
Tving apologized through its website and text messages, saying it had confirmed that on the 2nd an unidentified hacker made unauthorized access to the personal information storage databases (DB) and indications that files were exfiltrated.
The leaked personal information includes user IDs, names, dates of birth, and gender. In the case of mobile phone numbers, the last four digits are said to be encrypted. Tving said refund account numbers and passwords are all encrypted.
Tving said, "As soon as we became aware of the incident, we blocked the attacking IP and changed cloud access controls," and added, "We strengthened DB access monitoring and completed security measures to prevent additional damage."
Tving urged users to change passwords for other services that use the same account information as Tving. It also asked users to beware of phishing crimes such as suspicious calls or text messages.
Tving said it plans to provide separate guidance on compensation plans and procedures for relief related to the incident.