Hollywood Site Leaks Personal Data Of 260,000 Actors

Uploaded on 2020-07-30 in NEWS-Cybersecurity News, FREE TO VIEW

popular US online casting agency MyCastingFile.com has leaked a significant volume of private data belonging to more than 260,000 users. This website is used to cast US talent in movies and television shows. The company behind the site claims to have recruited talent for productions such as NCIS: New Orleans, True Detective, Pitch Perfect and the last instalment of the Terminator series, Terminator Genisys.

The records from over 260,000 users including personally identifiable information (PII) such as both physical and email addresses, phone numbers and sensitive information about distinguishing physical features.

In total, close to 10 million records were leaked, adding up to around 1GB in size.If referring to server records, it would appear the breach first originated on 31 May 2020 but has since been fixed by the company, following our disclosure. The site allows users to create what it calls “talent profiles” whereby users complete a detailed questionnaire including sensitive personal information including weight, height and ethnicity details.

The site also allows children under the age of 18 to use its services, thereby raising the level of cybersecurity required for child protection.

In its privacy policy, the website operator states that its services are reserved for adults only and that all under-18 accounts must be managed by parents, but does confirm that children’s private information is stored on the company’s server alongside adult profiles. The leak contained several pieces of information that could be weaponized by hackers to commit identity theft and fraud, across various establishments and organisations both private and public.

  • Leaked email addresses could be targeted by sending alternative personal information obtained from MyCastingFile and falsely presented to look like a legitimate response. The combined collection of data creates an engaging approach for hackers and can lead to click-throughs to unsecured websites, malware downloads and virus intrusions.
  • Photographs provided by users can be harnessed to conduct scams involving facial recognition such as identity fraud, as well as being used to create multiple illegitimate profiles, to carry out what’s known as “catfishing”, the act of luring someone into a relationship by means of a fictional online persona.

User photographs could be potentially compromising, therefore, creating severe anxiety and/or reputational damage for those affected by the breach. Moreover, availability of sensitive private information such as photographs, videos or even medical information, can all be leveraged by nefarious users to extort and blackmail their targets.

The fact that this breach occurred at a casting agency raises various industry-specific concerns such as famous actors being stalked and people being lured into harmful situations under the pretense of securing a major movie role.

Safety Detectives:       ZDNet:       NewZZ:       IDAgent


You Might Also Read: 

AI Can Turn Hollywood Stars Into Pornographic Actors:

 

« Vital Necessity Of Cloud Computing Highlights Security Risks
Women In Cyber Security Are Paid Much Less Than Men »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Foundation for Strategic Research (FRS)

Foundation for Strategic Research (FRS)

The Foundation for Strategic Research is France's main independent think tank on strategic, defense and security issues. Cyber security is covered as part of the study areas.

Marsh

Marsh

Marsh is a global leader in insurance broking and risk management and has been a leader in combatting cyber threats since their emergence.

a1qa

a1qa

a1qa specializes in the delivery of full-cycle software QA and application testing services.

SGCyberSecurity

SGCyberSecurity

SGCyberSecurity is Singapore's No.1 Cyber Security portal. From this platform, you will be able to find useful articles, resources and connect with the security companies for your business needs.

Resilia

Resilia

RESILIA is a comprehensive portfolio of tools and training to help your organization achieve global best practice in cyber security.

Forensic Pathways

Forensic Pathways

Forensic Pathways focus on the provision of digital forensic technologies, offering clients unique technologies in the management of mobile phone data, image analysis and ballistics analysis.

CYBRScore

CYBRScore

CYBRScore is a premium, performance-based cyber skills training and assessment provider that quantifies a user’s ability to defend a network.

Anthony Timbers LLC

Anthony Timbers LLC

Anthony Timbers is a cybersecurity consulting and penetration testing firm providing services to the Federal and Commercial sectors nationwide.

TekSynap

TekSynap

TekSynap is a full spectrum Information Technology services provider to federal government agencies.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

Coretelligent

Coretelligent

Coretelligent is a leading providers of Managed and Co-Managed IT, cybersecurity and private cloud services.

RecoLabs (Reco)

RecoLabs (Reco)

Reco empowers organizations to discover their SaaS applications, identities, and data, control access and prevent the risk of exposure.

Corona IT Solutions

Corona IT Solutions

At Corona IT Solutions, our team of specialists in networking, wireless and VoIP are dedicated to providing proactive monitoring and management of your IT systems.

PRE Security

PRE Security

PRE Security is leading the transition into the next era of AI cybersecurity with a new model: Predict & Prevent.

EK3 Technologies

EK3 Technologies

EK3 Technologies mission is to provide comprehensive cybersecurity and IT solutions that allow our clients to focus on sustaining their business.

Coana

Coana

Coana helps software teams tackle the flood of alerts from traditional SCA tools. Using advanced reachability analysis, Coana cuts false alerts by over 80%, freeing up significant engineering time.