SterKinekor

Medium Impact

9 March 2017

•

1,619,544 records affected

•

HaveIBeenPwned

Search on Google

Description

In 2016, the South African cinema company Ster-Kinekor had a security flaw which leaked a large amount of customer data via an enumeration vulnerability in the API of their old website. Whilst more than 6 million accounts were leaked by the flaw, the exposed data only contained 1.6 million unique email addresses. The data also included extensive personal information such as names, addresses, birthdates, genders and plain text passwords.

What to do if you're affected

1.Change your password immediately if you have an account with this service
2.Enable two-factor authentication (2FA) wherever possible
3.Check if your email appears in the breach using Have I Been Pwned
4.Monitor your accounts for suspicious activity
5.Consider using a password manager to generate unique passwords

Learn More About Data Breaches

Have I Been Pwned

Check if your data has been compromised

ENISA

EU Agency for Cybersecurity