News More News
Names, emails, and subscription plan details of Sundance NOW and Shudder subscribers were found unprotected in a publicly available company database on May 1st. Although the AMC Networks customer information was non-sensitive, it took 24 hours, several bounced emails, and an intervention by a member of the press for the company to respond. A cyber-threat intelligence director named Bob Diachenko details the steps he took to alert the company on his blog. His remarks conveyed surprise about the lack of a concrete incident response process.
AMC took down the exposed information as soon as officials received the alert. The response was quick and appropriate after the failure of the original notification process delayed action. They issued the following statement in response to the incident. “We became aware of an issue regarding access to an internal development database, which was primarily used for catalogue data along with certain other non-sensitive subscriber information, and we immediately took action to close off this access,” the company said in a statement to Diachenko at Security Discovery Consulting. “We are taking steps to make sure this doesn’t happen again.”
Although the information wasn’t financial, he recommends any AMC Networks streaming customers who subscribe to either Sundance NOW or Shudder remain alert in the coming months for phishing scams. The information across the various databases was complete enough to create a partial profile by which an unsuspecting customer could be scammed.
Megan Southard is a writer, mom, technology enthusiast, and movie junkie. She dreads the day her kids have to explain gadgets to her and is old enough to say, "I was the remote for our TV growing up."
Disclaimer: This article may have had additional images, links or data that was added by this site's editor.