MoviePass reportedly left customers' card numbers and credit card details exposed after failing to password protect a database. Tens of thousands of users were affected, according to the report Tuesday from TechCrunch.
MoviePass immediately secured its systems to prevent further exposure, a spokesperson said in a statement Thursday.
"MoviePass takes this incident seriously ... we are working diligently to investigate the scope," the spokesperson added in an emailed statement. "Once we gain a full understanding of the incident, we will promptly notify any affected subscribers and the appropriate regulators or law enforcement."
More than 160 million records were left unencrypted, TechCrunch reported, citing the findings from cybersecurity company SpiderSilk. The report said the database remained online until TechCrunch reached out to the movie subscription service Tuesday.
MoviePass came under fire last year by reactivating accounts and asking former customers to opt out of being subscribed again. And that came after MoviePass mayhem that included surge pricing at peak times, a temporary service outage attributed to insufficient funding and a Mission: Impossible blackout.
Earlier this month, the company also faced criticism after it was reported that MoviePass.
MoviePass brought back the $9.95 unlimited plan in March this year.
Originally published Aug. 20, 3:29 p.m. PT.
Update, Aug. 22: Adds statement from MoviePass.