According to cybersecurity site CyberNews, porn site BangBros is suspected of leaking information about users and models.
In June, CyberNews researchers discovered over 8 gigabytes of sensitive information about BangBros users, including IP addresses, usernames, messages, country and location information, model names, ages, and descriptions.
Should I use a VPN to watch porn?
“While no credentials were directly leaked, the hackers are able to link the IP addresses with other leaked information,” Mantas Kasiliauskis, an information security researcher at CyberNews, explained in the report.
Mashable After Dark
The sensitive information was stored in an unsecured instance of Elasticsearch, a searchable distributed document storage system typically used for large amounts of data. The largest leaked file contained around 11 million records. CyberNews researchers claim that an “inadvertent configuration error” is likely the reason this data ended up unsecured.
CyberNews reached out to BangBros and the error has been fixed, but CyberNews says users are still at risk if an adversary gains access to the data.
“If a malicious actor could obtain this data, they could potentially track adult viewing habits back to specific individuals,” Kasiliauskis said. “When combined with other personal information, this could raise significant privacy issues, personal embarrassment and, in more conservative areas, social stigma.”
Mashable has reached out to BangBros for comment and will update if we hear back.
