Patari, a Pakistani music streaming app has reportedly been hacked, exposing the confidential data and credentials of more than 257,000 users. The database holding the personal data of these users has been exposed online on English and Russian hacker forums.
Currently, it is unknown when the data breach occurred, but the data was posted online on June 13th, 2021. The statement comes from the tech blog HackRead, which describes the recent data breach on Patari. According to the report, the leaked database contained the following information:
- Full names/Usernames
- Email addresses
- Password hashes (unsalted md5)
- Avatar links
Furthermore, the hackers succeeded to overtake Patari when they were exhibiting their database backup on a misconfigured MongoDB database back in May this year. Patari was notified of the misconfiguration in their database, but since the firm did not acknowledge it, the hackers released all the information online.
Moreover, HackRead further attempted to inform Patari of the data breach by emails and Twitter, but the streaming platform did not respond. As for the users who have an account on Patari.com, are advised to change their emails and passwords as soon as possible. They can also head over to Have I Been Pwned to check if their emails or phone numbers were endangered.
In addition, the users are presently on their own since the company has neglected to answer for more than 10 days. As for how the data breach underwent; as per the hackers, they discovered Patari exposing its database backup on a misconfigured MongoDB database sometime in May 2021.