A famous website for adult entertainment, BangBros features a lot of explicit stuff, including live cam shows, pictures, and movies has exposed private user data such as IP addresses, usernames, locations, messages left in response, and statistics on the performance of the model. A massive, unprotected online database with 12 million records was discovered by Hackingblogs team.
Attackers can monitor and connect specific persons’ viewing patterns of adult content with this data if they manage to obtain access to it. Serious privacy concerns, societal judgement, and even blackmail may result from this.
You should use fake names, make different email accounts, avoid giving out too much personal information on sexual websites, and be cautious of phishing scams. Your IP address can be hidden and your internet traffic can be encrypted by using a VPN.
The Cybernews team found an unsecured Elasticsearch cluster on June 6th that held over 8GB of private data of BangBros subscribers. The data’s nature and contents strongly imply that the database is the company’s.
What is Elastic Search (Bangbros)
Based on Apache Lucene, Elasticsearch is a distributed search and analytics engine. Elasticsearch, which has gained the most attention since its launch in 2010, is frequently utilised for use cases involving log analytics, full-text search, security intelligence, business analytics, and operational intelligence.
There is a chance that the material has also been accessed and exfiltrated by criminals or other outside parties.
The following are among the sensitive data exposed in the leak:
- User agents (kind of device, operating system, browser, version, setup, etc.)
- Notes (responses)
- Country Geolocation (which may be obtained from IP) (latitude and longitude to four decimal places, or a precision of about 11 metres or 36 feet)
- Model names, descriptions, and genders
- Model data (views, downvotes, and upvotes)
- Internet Protocol (IP) addresses and usernames
“Although the credentials were not leaked directly, hackers can associate the IP addresses with the identity from other leaks,”
Kasiliauskis
It is advised to use aliases rather than actual names, create secondary email accounts unrelated to the main ones, provide as little personal information as possible on adult websites, and be cautious of phishing efforts and suspicious connection regarding pornographic websites.
