- Stream elements confirmed a data overgrowth that occurs on a previous third party
- Hundreds of thousands of customers lost sensitive information
- Hackers are already using the data to send phishing -e emails
Sky -based streaming tool provider Streamlings has confirmed the suffering of a data violation after a hacker compromised one of the company’s former third parties.
“We recently became aware of a data security event that involved a third -party provider we stopped working with last year,” the company said in a message of X. “We can confirm that no power elements have been broken.”
In mid -March 2025, a threat actor with the alias “victim” opened a new thread on the violation forum (a popular forum for all things cybercrime) and claimed to have stolen sensitive information belonging to 210,000 power elements clients. The archives included people’s full names, postal addresses, e -mail addresses and phone numbers, and their authenticity was confirmed by journalist Zach Bussey, who found his own information in the database.
Fake updates
Stream elements are a cloud-based platform that provides livestreamers tools, including overlays, alarms, chatbot automation and tilting services.
While it does not claim any mistake on its side and shifts the blame on the named third party, the threat actor says they actually compromised a streaming employee with an infoTealer.
It gave them enough access to exfiltrating the data with the archives containing information generated between 2020 and 2024.
Although there are not many things that a threat actor can do with names, email addresses and phone numbers, they can still engage in identity theft or run custom-built phishing campaigns whose success rate is usually better than generic.
To this end, stream elements are already warning its customers that phishing -e emails started going out and fooling people with fake e emails “data violation”.
“Heads Up: Scammers use this 3rd-partic violation as the bait to send false” data violation emails, “says a new X post.” These are not from power elements.
Don’t open, don’t click, just reports and delete. The violation is under investigation and we share updates via official channels when there is more information. “
The company said it began to reach affected customers to warn them of the possibility of attack. Meanwhile, Bleeping computer Reports that the original post on the violation forum has been deleted.
Via Bleeping computer
