15:11 GMT +315 December 2019
Listen Live
    Explicit material

    Popular Hentai-Porn Site Security Lapse Exposed 1.2 Million 'Anonymous' User Profiles

    © CC0
    Tech
    Get short URL
    by
    0 12
    Subscribe

    Researchers discovered the website's security vulnerability on 15 August and tried to contact its owner the following day, but their initial efforts to pass on the information and get the database secured were to no avail. Action was taken only three days later.

    If you're into hentai and manga porn and are using the fetish adult website Luscious, make sure you change your account details, as Noam Rotem and Ran Locar from vpnMentor's research team claim to have uncovered a massive data breach.

    According to them, the security lapse gave them access to 1.195 million supposedly anonymous user accounts and their email address on Luscious, a niche website, focused on Japanese cartoon porn.

    Those roughly 1.2 million users, who "anonymously" uploaded images, videos of animated porn and blog posts to the website, as well as their followers, accounts of followers, and the number of likes, have been exposed, with many of the authors' identities revealed.

    The research allowed it to access user profiles from around the world, with many people allegedly joining Luscious on official government emails, with examples spanning from Australia and Malaysia to Italy and Brazil.

    "The highly sensitive and private nature of Luscious' content makes users incredibly vulnerable to a range of attacks and exploitation by malicious hackers", Rotem and Locar warned, adding that while the database has now been secured, "it's still possible that other hackers could have accessed it earlier and extracted the same data we viewed".

    The breach was discovered on 15 August, but is believed to have been exposed since at least 4 August; the website's owner was contacted the following day.

    "We will be reaching out to any compromised user to warn them about the potential exposure of their private email addresses", the Luscious owner told TechCrunch.

    Action to secure the database was taken on 19 August.

    Tags:
    anomymous users, users, Exposed, porn site, porn, database, data breach, breach, security
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik