Nov 17, 2021
105 Views
0 0

200M Adult Cam Model, User Records Exposed in Stripchat Breach

Written by

Newsletter
Join thousands of people who receive the latest breaking cybersecurity news every day.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
Share this article:
The leak included model information, chat messages and payment details.
A database containing the highly sensitive information on both users and models on the popular adult cam site StripChat were discovered online, left completely unprotected. The data exposure puts models and users at risk of extortion, violence and more.
Stripchat is a popular site founded in 2016 and based in Cyprus that sells live access to nude models.
Volodymyr “Bob” Diachenko, head of security research Comparitech, reported that he discovered the database on an Elasticsearch cluster on Nov. 5. It contained about 200 million Stripchat records, he said, including 65 million user records containing email addresses, IP addresses, the amount in tips they gave to models, a timestamp of when the account was created and the last activity.
Another database contained about 421,000 records for the platform’s models, including their usernames, gender, studio IDs, tip menus and prices, live status and what is called their “strip score.”
It’s unclear if anyone with nefarious purposes managed to access it before it was secured on Nov. 7.
“The exposure could pose a significant privacy risk for both Stripchat viewers and models,” Diachenko said. “If the data was stolen, they could face harassment, humiliation, stalking, extortion, phishing and other threats, both online and offline.”
Register now for our LIVE event!
Stripchat user and model information could also be used in targeted phishing campaigns.
“Victims should be on the lookout for targeted phishing emails from fraudsters posing as Stripchat or a related company,” Diachenko  warned. “Never click on links or attachments in unsolicited emails.”
The exposure was reported to Stripchat on Nov.5, with multiple contact points via email and Twitter susequently. While the company didn’t directly respond to Diachenko’s disclosure, he said that as of Nov. 7, the data was secured.
“Sites like Stripchat should have stronger security practices and at least employ incident response protocols when receiving alerts like this from the security community,” he told Threatpost.
Lewd phishing lures are increasingly being used in business email compromise (BEC) campaigns, according to research that GreatHorn published last summer. The firm found a stunning 974-percent uptick in social-engineering scams using salacious material, mostly aimed at employees with male-sounding names.
“It doesn’t always involve explicit material, but the goal is to put the user off balance, frightened – any excited emotional state – to decrease the brain’s ability to make rational decisions,” according to the report.
Being confronted at work with past Stripchat activities would certainly make rational thinking difficult.
The pandemic has been a boon to cybersex sites like Stripchat: The company said that following the onset of the pandemic and lockdowns, the platform saw a 72 percent rise in traffic and added 906,181,416 new users in 2020.
But, as these platforms gain users, they become bigger targets for attacks.
Stripchat joins a long and illustrious list of companies with leaky clouds, VIP Games exposed the user data of 66,000 users early in 2021. Dating sites, even Hobby Lobby, all have fallen victim to a misconfigured cloud. And it’s not just the private sector. Last summer, Diachenko found an exposed Elasticsearch cluster containing 1.9 million terrorist watchlist records.
When it comes to public-facing cloud storage, Diachekno called on organizations to do much more to protect their data.
“Exposure of records through misconfiguration is a major issue whether we are talking about public cloud misconfigurations or of any service exposed to the internet,” he said in an email to Threatpost. “Organizations needs to continuously monitor all resources deployed in their enterprise to minimize risks of such exposure. Such records can be sold on the dark web or used for further attacks especially if credentials are involved.”
Want to win back control of the flimsy passwords standing between your network and the next cyberattack? Join Darren James, head of internal IT at Specops, and Roger Grimes, data-driven defense evangelist at KnowBe4, to find out how during a free, LIVE Threatpost event, “Password Reset: Claiming Control of Credentials to Stop Attacks,” on Wed., Nov. 17 at 2 p.m. ET. Sponsored by Specops.
Register NOW for the LIVE event!
 
 
Share this article:
Malicious groups disable features in Alibaba Cloud ECS instances for Monero cryptojacking, according to Trend Micro researchers.
The alert was mumbo jumbo, but it was indeed sent from the bureau’s
email system, from the agency’s own internet address.
Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.


This site uses Akismet to reduce spam. Learn how your comment data is processed.
Join thousands of people who receive the latest breaking cybersecurity news every day.
A security vulnerability in @Intel chips opens the door for encrypted file access and espionage, plus the ability t… https://t.co/ASx2OgjocL
2 days ago
Get the latest breaking news delivered daily to your inbox.
The First Stop For Security News
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.

source

Article Categories:
Cloud Security

Comments are closed.