MUOHNED

‼️🇸🇦 Thmanyah allegedly breached: 107,084 subscriber emails and a Bitmovin license key exposed from the leading Arabic podcast and media-tech platform A threat actor is selling a database from Thmanyah, the Saudi media-tech company founded in 2016 in Riyadh and majority-owned by Saudi Research and Media Group (SRMG), which operates the largest Arabic podcast network in the Middle East and North Africa and holds the Guinness World Record for the most-viewed podcast episode on YouTube. The actor states the breach exposed 107,084 subscriber emails along with a Bitmovin video-streaming LICENSE key embedded in the dump. The sample shows internal admin accounts on the thmanyah[.]com domain, user join dates from 2024, language and category preferences across Documentary, Science Fiction, True Crime, Food, and Relationships content, plus Apple Podcasts category mappings and translation metadata. ▸ Actor: lulzintel (GOD User) ▸ Sector: Media / Podcast Platform / Tech ▸ Type: Data Sale (paywalled, 6 forum points) ▸ Records: 107,084 subscriber emails + Bitmovin LICENSE key ▸ Country: Saudi Arabia ▸ Date: 14/05/2026 Compromised data: ▪ Subscriber email addresses (107,084 records) ▪ User ID ▪ Account approval flag (is_approved) ▪ Join date ▪ Language preference (lang, e.g., "en", "ar") ▪ Name ▪ Question fields (q7, q4_2, q5, q6, q1, q2_2, q8, q3, q3_str) ▪ Interests array (e.g., "google_podcast") ▪ VUE_APP_BITMOVIN_LICENSE_KEY (included in the file) ▪ Internal Thmanyah staff accounts visible in sample ▪ Waitlist IDs and category mappings to Apple Podcasts taxonomy (Documentary, Science Fiction, True Crime, Food, Relationships) ▪ Translation pairs (Arabic and English) for category names ▪ Listen/yes flags, device type (e.g., android), age ranges (e.g., 20+, 4_8) Stop guessing what's redacted. Subscribers see everything → https://t.co/281Qjc6p2J