What Happened
In 2025, OnlineTVRecorder (OTR), a web-based service for recording TV broadcasts from over 100 channels across countries like Germany, the USA, UK, Austria, and Switzerland, suffered a data breach advertised on underground hacking forums by threat actor “Ddarknotevil” (also linked to breaches by “HackManac”). The incident exposed approximately 543,019 user records, including highly sensitive unencrypted data such as email addresses, plain text passwords, user IDs, nicknames, activation codes, newsletter subscriptions, registration details, recording start times, download history, overall downloads, ratings, last login information, and paid status. OTR has not confirmed the breach, leaving its validity unverified by the company or experts, though it highlights critical security lapses like failing to hash or encrypt passwords, potentially enabling account takeovers, phishing, and credential stuffing. Users are advised to change passwords, enable 2FA where possible, monitor accounts, and avoid password reuse.
