[BreachExchange] Female escort review site data breach affects 470, 000 members
Destry Winant
destry at riskbasedsecurity.com
Fri Feb 5 10:56:51 EST 2021
https://www.bleepingcomputer.com/news/security/female-escort-review-site-data-breach-affects-470-000-members/
An online community promoting female escorts and reviews of their
services has suffered a data breach after a hacker downloaded the
site's database.
EscortReviews.com is an adult online vBulletin forum community that
allows US and Mexico-based escorts to promote their services, share
profile pictures, contact information, and biographies to prospective
clients. Clients can then post reviews about their experiences with
the particular escort.
The site is very active with over 2.4 million topics, 12.5 million
posts, and over 470,000 members.
EscortReviews.com member and post stats
Hackers posts stolen vBulletin database
This weekend a threat actor posted a link to a stolen vBulletin forum
database for the EscortReviews.com website.
Leaked EscortReviews.com database
This database contains the registration information for over 472,695
members, including their display name, email address, MD5 hashed
passwords, optional Skype account names, optional birthday, and IP
address.
Database sample
In a sample shared by cybersecurity intelligence firm Cyble, the most
recent data is from September 2018.
BleepingComputer has reached out to some of the users listed in the
database to confirm if the information belongs to them and is
accurate. Only one member replied, who stated that the data is
correct.
The site is currently displaying a vBulletin database error to
visitors. It is unknown if the site is disabled due to the database's
posting or if the site was permanently shut down.
vBulletin error at EscortReviews.com
The last cached Google search page from the site is from January 21st, 2021.
The site ran vBulletin 3.8.9, which has known vulnerabilities that
could allow attackers to breach the site. It is unknown if the forum
was hacked using one of these vulnerabilities or if the site left an
unsecured backup of the database online.
As the site uses MD5 hashed password, which can easily be cracked, it
is strongly advised that members change their passwords at other sites
using the same one.
Members of the EscortReviews.com site can also check if their
information is part of the data breach using Cyble's AmIBreached data
breach notification services.
Adult site data breaches can be devastating
Data breaches for adult sites, such as those promoting escort services
or dating, can be devastating to members if their information is
exposed publicly.
This information can be used by threat actors to perform targeted
blackmail or sextortion attacks, such as the attacks that occurred
after the 2015 Ashley Madison data breach.
Even worse, there are known cases of data breaches leading to people
committing suicide after information about their activities was posted
online.
More information about the BreachExchange
mailing list