News

Adult sites ImLive, Sexier.com, FetishGalaxy, Supermen.com, Shemale.com, sex.sex, and more leaked personal information from all their porn stars

Information security firm vpnMentor has released a report about a leak of nearly 20 GB of information stored by PussyCash and the websites belonging to this network. This is a network of platforms for models commonly known as “camgirls” formed by popular sites like ImLive, Sexier, FetishGalaxy, Supermen, Shemale, sex.sex, among others. This incident has exposed the information of more than 4,000 models, leaking almost 900k files with sensitive information and that could even have a real impact on the lives of those affected.

The data leaking was found as part of a massive web mapping project, using port scanning, particular IP blocks analysis, and testing systems looking for information leaking. 

In their report, information security
specialists say That PussyCash’s S3 bucket was fully exposed and unencrypted;
using a conventional web browser, experts were able to access all the resources
hosted in the bucket.

Finding the first signs of the data leak,
vpnMentor experts believed that only a few records were exposed in an ImLive
bucket; however, continuing the investigation found that PussyCash was the
company that owned the bucket Amazon
Simple Storage Service (S3).

The discovery took place on January 3 and, just
hours later ImLive, PussyCash and Amazon had being notified. A couple of days
later, ImLive managers responded to the report, although PussyCash still does
not issue any official messages.

Regarding the exposed bucket, it has at least
875,000 keys, which represent different types of files, including videos,
photos, video chat screenshots, marketing content and Zip files. In addition,
information security experts mentioned that, inside each zip folder are many
other files (photos, videos, personal scanned documents), and content that the
researchers decided not to open.

The compromised information includes personal
data and documentation from thousands of models around the world (mainly Europe
and North America), who use these platforms to generate some money through
adult content. The information presented varies depending on the place of
origin of the models; however, the data they must send to these platforms is
similar, so basically general the exposed information consists of:

  • Full
    names
  • Date
    and place of birth
  • Nationality/citizenship
  • Passport
    details
  • ID
    photo
  • Personal
    signature
A Brazilian model’s ID
SOURCE: vpnMentor
An American model’s driver license
SOURCE: vpnMentor

As already mentioned, the files include scans of official documentation and bank cards. As if that weren’t enough, the files also include copies of model contracts with these platforms, including permissions to use your image, which makes the outlook worse for models, information security experts say.

Models’ legal documents
SOURCE: vpnMentor

Among the main risks to which models are exposed
due to this incident are:

  • Identity
    theft
  • Electronic
    fraud
  • Extortion
  • Possible
    breach of contract with the chat platform
  • Harassment,
    among others,

Information security specialists from the
International Institute of Cyber Security (IICS) believe that the company may
have prevented this mass-reporting by implementing a few basic security
measures, such as the establishment of appropriate access rules, ensuring your
servers and enabling multi-factor authentication. While these are elementary
measures, their absence remains the cause of most similar incidents reported,
even above cyberattacks. 

You Might Also Like