A host of popular ‘camgirl’ pornographic websites have exposed countless of users and sex workers after the company which runs these websites have left the backend-database completely unprotected. The camgirl websites that are run by VTS Media which is based in Barcelona include websites such as amateur.tv, webcampornoxxx.net and placercams.com. Majority of the websites users and stars are based in Spain and Europe with evidence claiming that users are located in other parts of the world as well.
The exposed database which contains months-worth of logs of the sites activities had been left exposed for weeks. These logs exposed sensitive information such as detailed records of when a user logged in, including usernames and sometimes their user-agents and IP addresses, which can be used to identify users, a report by TechCrunch stated. Apart from this, what’s even scarier is that the exposed logs also contained users’ private chats with other users along with promotional emails they received from various other websites. The logs also contained storing usernames, failed login attempts as well as passwords in plaintext.
Shockingly, the exposed data also showed which videos users were viewing and renting thereby exposing their kinks and private sexual preferences.
In the logs, there was detailed information to see which users was logging in, where they were logging in from, and more often than not, their email addresses or other identifiable information which could in some cases match real-world identities.
Apart from the users, the camgirls who broadcast themselves also had their personal information exposed.
TechCrunch reports that the database was shut off last week.
The exposed database was discovered by Condition:Black, a cybersecurity and Internet freedom organization.
John Wethington, founder of Condition:Black said, “This was a serious failure from a technical and compliance perspective. After reviewing the sites’ data privacy policy and terms and conditions, it’s clear that users likely had no idea that their activities being monitored to this level of detail.”
He went on to say, “Users should always take into consideration the implications of their data leaking but especially where the implications could be life altering.”
Data exposures are rapidly becoming a commonplace where companies inadvertently leave their systems open for anyone to exploit —and dating sites are among those with the maximum amount of sensitive information.
