Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Mike Moore

One of the world's most popular adult sites leaks millions of records - BangBros users see personal data exposed online

Shocked woman at laptop.

One of the most popular adult sites on the web has suffered an exposure of its own after millions of records were found sitting unprotected online.

An investigation by researchers at Cybernews found an unprotected Elasticsearch cluster containing more than 8GB of sensitive information about BangBros users, including nearly half a million user login records.

Overall, the database was found to be containing 12 million records, including details such as IPs, usernames, locations, feedback messages, and even "model performance statistics".

Online breach

The database was discovered on June 6, and had apparently been indexed on search engines a few days earlier, having apparently been left unsecured due to an inadvertent configuration error.

Cybernews reports that the instance is now closed, but this doesn't mean hackers won't have already got their hands on the data, which could now be used for identity theft or extortion purposes.

“If bad actors managed to get their hands on this data, they might trace and link adult content viewers’ habits to specific individuals. Combined with other private information, this could lead to significant privacy issues, cause personal embarrassment, and result in social stigma in places with conservative attitudes,” said Mantas Kasiliauskis, information security researcher at Cybernews.

The largest part of the leak, the “bangbros_straight” file, contains almost 11 million records, which appear to be from the company's media or content management system.

Cybernews says it contacted BangBros following the discovery, but did not receive any comment - although the issue does appear to have been fixed. TechRadar Pro has also contacted the company for comment, and will update our story if received.

Adult sites have long been a risky proposition for users, with the potential for privacy and security breaches a common one. We'd advise anyone signing up to such sites to make sure their personal data isn't put at risk, and to use a VPN to make sure your browsing habits stay private, alongside multi-factor authentication on all your most important personal accounts.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.