Particle.news

Tving Confirms Unauthorized Access to User Database

Exposed contact and identity fields could fuel phishing and account takeover, signaling heightened risk for many subscribers.

Overview

  • The streaming platform said an unidentified external actor accessed a user database and may have taken user IDs, names, birth dates, gender, phone numbers and email addresses.
  • Tving said resident registration numbers and payment details were not stored or exposed and apologized for the leak while promising later details on compensation.
  • After detecting the intrusion the company blocked the attacker’s IP, revised cloud access controls, implemented additional security measures and opened a dedicated customer support center.
  • The company has not disclosed how many accounts were affected, leaving the scale of exposure unclear for a service that has roughly 7.7 million monthly users according to Mobile Index.
  • Exposed contact and identity fields commonly enable phishing, spam and account takeover attempts, and the incident arrives as regulators and the public press for stronger data protection after recent leaks.