Overview
- The streaming platform said an unidentified external actor accessed a user database and may have taken user IDs, names, birth dates, gender, phone numbers and email addresses.
- Tving said resident registration numbers and payment details were not stored or exposed and apologized for the leak while promising later details on compensation.
- After detecting the intrusion the company blocked the attacker’s IP, revised cloud access controls, implemented additional security measures and opened a dedicated customer support center.
- The company has not disclosed how many accounts were affected, leaving the scale of exposure unclear for a service that has roughly 7.7 million monthly users according to Mobile Index.
- Exposed contact and identity fields commonly enable phishing, spam and account takeover attempts, and the incident arrives as regulators and the public press for stronger data protection after recent leaks.