IndieFlix leaves thousands of confidential agreements, filmmaker SSNs and videos exposed on public server

The CyberNews research team discovered an unsecured data bucket on a publicly accessible Amazon Simple Storage (S3) server containing confidential data belonging to IndieFlix.

IndieFlix is a US-based entertainment company offering a subscription-based online video streaming service that mainly specializes in independent titles, including feature films, shorts, and documentaries.

The data bucket discovered by CyberNews contains over 90,000 files related to the IndieFlix streaming service. This includes scans of confidential motion picture acquisition agreements, tax ID requests that include filmmaker social security numbers and employer identification numbers, as well as relatively detailed contact information of thousands of film professionals. Additionally, the bucket hosts thousands of video files of short films, movie clips, and trailers that can be accessed and downloaded by anyone with a direct link to the files.

After CyberNews contacted IndieFlix and Amazon Web Services, the bucket has been secured and is no longer accessible.

Full article on https://cybernews.com/security/indieflix-leaks-thousands-of-filmmaker-ssns-confidential-agreements-videos/

#databreach #security #amazon #indieflix