VTS Media, a Barcelona-based company that runs a network of cam websites, has leaked the data of numerous users and sex workers after its backend database was left unprotected.
Cybersecurity firm Condition:Black discovered the information, which came from websites such as webcampornoxxx.net, placercams.com, and amateur.tv. Most of the traffic was from mainland Europe, but the sites also had a sizeable user base in the UK and US.
The data was not password protected or encrypted; usernames, email addresses and IP addresses were stored in plaintext. Activity logs and chat messages were easily accessible as well.
TechCrunch reports that “millions” of users were affected by the leak. However, a VTS Media spokesperson claims the number is actually closer to 330,000.
The company is also insisting that “100% of the data stored in [the] main database is encrypted and unreachable”, and that users won’t need to change their passwords.
It is possible the security breach may have taken place as early as 24th May.
Condition:Black founder John Wethington told TechCrunch: “This was a serious failure from a technical and compliance perspective.
“After reviewing the sites’ data privacy policy and terms and conditions, it’s clear that users likely had no idea that their activities being monitored to this level of detail.”
Last month 250,000 users of a sex worker website in The Netherlands had their private details accessed, with an unnamed hacker attempting to sell the information.
Read more here.