Comic reading platform Mangatoon has suffered a data breach that exposed information belonging to 23 million user accounts after a hacker stole it from an unsecured Elasticsearch database.
Mangatoon is also a very popular iOS and Android app used by millions of users to read online Manga comics.
This week, the data breach notification service Have I Been Pwned (HIBP) added 23 million Mangatoon accounts to their platform.
“Mangatoon had 23M accounts breached in May. The breach exposed names, email addresses, genders, social media account identities, auth tokens from social logins and salted MD5 password hashes,” tweeted the HIBP account.
The addition of the Mangatoon database comes after HIBP’s owner, Troy Hunt, attempted to contact the company about the data breach without any success.
Lots of chirping crickets at @MangatoonEN, both on Twitter and via email. Any other ideas? At least one other person has been trying to reach them for much longer than me too.
— Troy Hunt (@troyhunt) July 6, 2022
Mangatoon users can now search for their email address on HIBP and check if their account is part of the breach.
BleepingComputer has sent multiple emails to Mangatoon regarding the data breach but has not heard back.
Stolen from an Elasticsearch database
The data breach was conducted by a well-known hacker named “pompompurin,” who said they stole the database from an Elasticsearch server that was using weak credentials.
“It was ES, they had credentials on it but it was just ‘password’, they changed the credentials after I emailed telling them but they never notified their customers and never replied,” pompompurin told BleepingComputer.
pompompurin shared samples of the database with BleepingComputer, which we confirmed to be valid accounts on the Mangatoon platform.
When asked if they would publicly release or sell the database, they said they would probably leak it at some point.
pompompurin has been involved in other high-profile breaches, including sending fake cyberattack emails through the FBI’s Law Enforcement Enterprise Portal (LEEP) and stealing customer data from Robinhood.
After the RaidForums hacking forum was seized by law enforcement, pompompurin launched a similar forum called Breached.
Source: www.bleepingcomputer.com