LeiserTV is a website specializing in Estonian content. It has been operating for 10 years and was known for providing its users with pirated media. The platform had a significant user base, many of whom paid for its services.

Breach Details

  • Date of Breach: Over a year ago
  • Type of Breach: SQL Injection on an old site
  • Data Exfiltrated: Yes
  • Disclosure by: Threat actor "DPD"
  • Data Released:
    • users.csv: User accounts (full name, email, password, IP address, reset password token)
    • audit.csv: User login logs (email, user ID, login date, IP address)
    • helpdesk_tickets.csv: Zendesk ticket messages (title, message, IP, user agent, user email)
    • tokens.csv: User login tokens
    • socials.csv: OAuth tokens (Google, Facebook)
    • transactions.csv: User payments (user ID, email, amount)
    • transactions_out.csv: Admin Skrill payments (ID, description or name, amount, time)

Threat Actor Profile

  • Alias: DPD
  • Motivation: Financial gain and public exposure
  • Actions:
    • Attempted to contact the site owner, Meelis Randmaa, to negotiate a deal.
    • Released the data upon receiving no response from the owner.

Impact Analysis

  • Affected Users: 59,000+
  • Data Compromised:
    • Personal information: Full names, email addresses, IP addresses.
    • Security information: Passwords, reset password tokens.
    • Activity logs: Login logs, support ticket messages.
    • Financial data: Payment records, admin transaction details.
  • Potential Consequences:
    • Identity Theft: Personal information can be used for fraudulent activities.
    • Account Takeover: Passwords and reset tokens allow unauthorized access.
    • Financial Fraud: Payment information can lead to unauthorized transactions.
    • Reputation Damage: Exposure of user activity on a piracy site.