There are a numerous subscription based services available to consumers that allow us to provide our debit or credit card numbers to obtain a subscription for services. Providing a debit or credit card number for these services for an automatic charge means that the company has your number and it can be exposed, putting you at risk for fraud.
Last week, MoviePass, a subscription based service that allows consumers to pre-pay to watch movies, acknowledged in response to a security researcher’s notification, that more than 58,000 of its customers’ personal information, including MoviePass card numbers, name, billing information, debit card number and expiration date, and email address. The data exposed on MoviePass cards included the date it was issued, the card number, its expiration date, and the balance on the card. Although the database included over 161 million consumers’ information, it is being reported that more than 58,000 of them contained MoviePass card information, and debit and credit card information. However, the security researchers found that there was enough information on the exposed database to make fraudulent card purchases.
MoviePass has acknowledged the security vulnerability. If you have a MoviePass subscription, be aware of the incident to protect yourself from fraud, and think twice about giving your debit and credit card number to companies offering subscription based services.