7TB data from users and members of the popular live streaming site CAM4 for adults have been leaked.
CAM4 has about 2 billion visitors each year, and its members broadcast more than 1 million adult hours each week, with more than 75.999 private shows being aired daily.
Private conversations and IP addresses were displayed
The security team Security Detectives, led by him Anurag Sen, was the first to locate the exposed CAM4 database, which was then downloaded directly from its parent company Granity Entertainment.
In addition, 11 million of the nearly 11 billion files found in the exposed database contained at least one email address from a variety of email providers, including gmail.com, icloud.com and hotmail.com.
Based on the results analyzed by the insecure CAM4 database, more than 6,5 million of the users exposed were residents of USA, more than 5,3 million were from Brazil and 4,8 million from Italy. In addition, 4,1 million French and 3 million Germans were also affected.
These data could possibly be used by attackers as part of a wide range of targeted attacks. users and members of CAM4, from highly convincing e-fishing attacks and blackmail campaigns to identity theft and various types of fraud.
Data leaks from adult sites have a serious impact on users, as attackers can blackmail them. victims for a long time, threatening to reveal the details to their wives. In addition, there have been cases where malicious agents have also attacked unsuspecting spouses. In fact, there have been incidents where victims of blackmail have committed suicide.
To reduce the likelihood of this happening, Elastic NV advises database administrators to insure their ElasticSearch clusters by "preventing unauthorized access, password protection, role-based access control and IP filtering", as well as setting passwords for built-in users. On the Elastic NV website, administrators can also find a quick one guide on how to insure ElasticSearch clusters.