A threat actor is selling customer data of Shemaroo Entertainment in a hacker forum. The data includes records of around 16.4 million users. It includes email addresses, passwords, phone numbers, and other personal information.
The seller has also posted the sample data. So, buyers can see the sample before ordering the full data set.
There is no way I could verify the authenticity of the data.
The good thing is that passwords in the leaked data set are encrypted. But email, phone numbers, and other personal data can be used to perform social engineering attacks or other kinds of scams.
If you have an account on shemaroome.com, you need to change your password. You should also avoid clicking on links received in emails or messages from unknown senders.
