[BreachExchange] Female escort review site data breach affects 470,000 members

Destry Winant destry at riskbasedsecurity.com
Fri Feb 5 10:56:51 EST 2021


https://www.bleepingcomputer.com/news/security/female-escort-review-site-data-breach-affects-470-000-members/

An online community promoting female escorts and reviews of their
services has suffered a data breach after a hacker downloaded the
site's database.

EscortReviews.com is an adult online vBulletin forum community that
allows US and Mexico-based escorts to promote their services, share
profile pictures, contact information, and biographies to prospective
clients. Clients can then post reviews about their experiences with
the particular escort.

The site is very active with over 2.4 million topics, 12.5 million
posts, and over 470,000 members.

[Image: EscortReviews.com member and post stats]

Hacker posts stolen vBulletin database

This weekend a threat actor posted a link to a stolen vBulletin forum
database for the EscortReviews.com website.

[Image: Leaked EscortReviews.com database]

This database contains the registration information for over 472,695
members, including their display name, email address, MD5 hashed
passwords, optional Skype account names, optional birthday, and IP
address.

[Image: Database sample]

In a sample shared by cybersecurity intelligence firm Cyble, the most
recent data is from September 2018.

BleepingComputer has reached out to some of the users listed in the
database to confirm if the information belongs to them and is
accurate. Only one member replied, who stated that the data is
correct.

The site is currently displaying a vBulletin database error to
visitors. It is unknown if the site is disabled due to the database's
posting or if the site was permanently shut down.

[Image: vBulletin error at EscortReviews.com]

The last cached Google search page from the site is from January 21st, 2021.

The site ran vBulletin 3.8.9, which has known vulnerabilities that
could allow attackers to breach the site. It is unknown if the forum
was hacked using one of these vulnerabilities or if the site left an
unsecured backup of the database online.

As the site uses MD5-hashed passwords, which can easily be cracked, it
is strongly advised that members change their passwords at any other
sites where they use the same one.

Members of the EscortReviews.com site can also check if their
information is part of the data breach using Cyble's AmIBreached data
breach notification services.

Adult site data breaches can be devastating

Data breaches for adult sites, such as those promoting escort services
or dating, can be devastating to members if their information is
exposed publicly.

This information can be used by threat actors to perform targeted
blackmail or sextortion attacks, such as the attacks that occurred
after the 2015 Ashley Madison data breach.

Even worse, there are known cases of data breaches leading to people
committing suicide after information about their activities was posted
online.

