… But when that company operates an adult livestreaming service, and that data comprises 7 terabytes of names, sexual orientations, payment logs, and email and chat transcripts—across 10.88 billion records in all—the stakes are a bit higher.
The site is CAM4, a popular adult platform that advertises “free live sex cams.” As part of a search on the Shodan engine for unsecured databases, security review site Safety Detectives found that CAM4 had misconfigured an ElasticSearch production database so that it was easy to find and view heaps of personally identifiable information, as well as corporate details like fraud and spam detection logs.
“Leaving their production server publicly exposed without any password,” says Safety Detectives researcher Anurag Sen, whose team discovered the leak, “it’s really dangerous to the users and to the company.”
URL: https://www.wired.com/story/cam4-adult-cam-data-leak-7tb/