Misconfigured Database Exposes Hollywood’s Movie Screener System. From Softpedia.
According to Chris Vickery, security researcher for MacKeeper and the person who discovered the exposed server, the database contained accounts for users that registered with emails with the following domains: @paramount.com, @disney.com, @warnerbros.com, @fox.com, and @spe.sony.com.
Since the attacker had full administrative access to these accounts, he wouldn’t have needed to crack the passwords, but simply guess the hashing algorithm and replace a password for an existing account, or create a new profile for himself.
Immediately after discovering the database Vickery contacted Vision Media Management (VMM), the company which the MPAA (Motion Picture Association of America) hired to create the website, as an alternative to sending DVD screeners via post to its members.