324 Million MagentaTV Logs Exposed Online – What This Case Reveals About Data Security

The numbers are impressive – and alarming: Over an unsecured Elasticsearch database, 324 million log entries from the streaming platform MagentaTV were publicly accessible. Affected: Data from an estimated 4.4 million customers.

The security gap was not discovered internally but by the security experts at Cybernews. The database did not belong directly to Deutsche Telekom but to the French AdTech company Equativ and its subsidiary Serverside.ai, which handles server-side ad insertion (SSAI) for MagentaTV.

What Data Was Exposed?

According to the researchers, the log files contained:

• Users’ IP addresses
• Session IDs for active sessions
• Internal customer IDs
• User-Agent strings of the devices used

In combination with other data breaches, attackers could use such information to create user profiles or target devices. Particularly relevant: MagentaTV often runs on set-top boxes from Chinese OEM manufacturers, which have repeatedly been associated with security vulnerabilities in the past.

Exposed for Months – and Unnoticed

According to Cybernews, the unsecured instance was accessible since at least February 2025. It was only in June – after being reported by the researchers – that the gap was closed.

This means: For four months, third parties could have accessed the data without it being noticed internally.

Responsibility Despite External Providers

Telekom emphasized to the media that no sensitive data such as names, addresses, or payment information was affected and that customers did not need to take any special protective measures.

The fact is, however: Even if the affected database was with an external provider, the responsibility for the security of customer data remains with the provider – in this case, Telekom.

An Incident with Two Sides

On one hand, the case shows how complex modern platform architectures are: Besides the actual service provider, numerous partners, subcontractors, and external systems are often involved. This makes it more challenging to consistently monitor high security standards.

On the other hand, it underscores that data security is not ensured solely through technology but primarily through processes and control – especially with outsourced services.

Conclusion

We continue to see Telekom as an important player in the German market – and appreciate that a major provider offers alternatives to international streaming platforms here. Precisely for this reason, it is crucial that data protection and security are consistently enforced even in complex supply chains.

A data breach of this magnitude should prompt a significant tightening of security audits with partners and service providers. Trust is not only built by closing a gap but above all by ensuring that such gaps do not arise in the first place.

Further Reading

• Kubernetes can provide freedom – if done right
• Zero Trust Network Access (ZTNA) with NetBird
• Sovereign Cloud: Ambition, Reality, and Technical Solutions