breach analysis: HTH Studios
intro
victim name: HTH (High Tail Hall) Studios
victim url: www.hthstudios.com
victim description:
HTH Studios is the animation studio created by Crowchild. The studio is most noted for their furry adult games serie High Tail Hall and Red Light District.
victim category: game studio,pornography,store,forum
the breach
breach date: August 24, 2018
compromised data: usernames,first names,last names,email addresses,ip addresses,passwords,birth dates,registration dates,last activity dates,last password reset dates,2FA encrypted keys,phone numbers,fax numbers,billing addresses,shipping addresses,user-agent strings,orders information
compromised accounts: 455,167
password hashing algorithm: bcrypt,salted md5,salted sha1,phpBB3
breach acknowledged by the victim? yes
observations:
the data emerged in a popular hacking forum in mid-November. this particular breach was covered by the media, perhaps due to its sensitive nature.
tables affected:
wwi1h_users- (311,716 accounts - main site database) - compromised data: usernames, email addresses, ip addresses, passwords (bcrypt, salted md5), birth dates, registration dates, last activity dates, last password reset dates, 2FA encrypted keysphpbb_users- (90,322 accounts - forum database) - compromised data: usernames, email addresses, ip addresses, passwords (phpBB3), birth dates, registration dates, last activity dates, avatars, user signatures and moreai21c_customer- (33,129 accounts - store’s customer database) - compromised data: first names, last names, email addresses, passwords (salted sha1), phone numbers, ip addresses, registration dateai21c_address- (45,629 entries - customers’ addresses) - compromised data: first names, last names, addressesai21c_order- (147,968 - information about orders) - compromised data: first names, last names, email addresses, phone numbers, fax numbers, billing addresses, shipping addresses, ip addresses, user-agent strings, order prices
statistics
breach publicity:
| service | present? |
|---|---|
| have i been pwned | yes |
| we leak info | no |
| dehashed.com | no |
| breach alarm | no |
top 10 used email providers:
| provider | number of entries |
|---|---|
| gmail.com | 124246 |
| yahoo.com | 58813 |
| hotmail.com | 56690 |
| mail.ru | 20789 |
| aol.com | 7542 |
| live.com | 6549 |
| outlook.com | 4295 |
| hotmail.co.uk | 4249 |
| any-gsm-network.top | 3034 |
| web.de | 2766 |
- from a sample of 45000 customers, 66.6% of the users were from the United States, 7.146% were from Canada, 3.437% were from the United Kingdom, 3.07% were from Germany and 2.206% were from Russia. The rest of the sample was not taken into consideration.
conclusion
breach severity: MODERATE
hth studios was transparent about this violation and noted that the data came from an old system that is no longer used. since this breach comes from a pornographic games studio, the data can be classified as sensitive.