LOS ANGELES — It is the headline that no adult website user wants to see: their site of choice was hacked and its user data disseminated to criminals.
While news of data breaches revealing consumers’ personal details is commonplace, unlike most hacks that compromise basic information such as name, address, birth date, Social Security number and more, when porn consumption is involved, the risk of damage rises exponentially — and includes the potential for some persistent blackmail attempts — with the nastier the porn, the more tempting the target.
Enter the newest breach to raise eyebrows, the hack of Luscious.net, where a data leak was recently discovered by vpnMentor researchers Noam Rotem and Ran Locar.
“Luscious is a niche pornographic image site focused primarily on animated, user-uploaded content. Based on the research carried out by our team, the site has over 1 million registered users. Each user has a profile, the details of which could be accessed through our research,” the team reported. “Private profiles allow users to upload, share, comment on and discuss content on Luscious. All of this is understandably done while keeping their identity hidden behind usernames.”
But unfortunately, the identity of these users did not remain hidden.
The team discovered details over 1 million users, including their username, personal email address, gender and their country of residence, along with activity logs revealing the date the user joined and their most recent log-in; and noted that some users’ email addresses indicated their full names, increasing their vulnerability to exploitation and cybercrime.
In addition, the breach revealed the number of image albums the user-created, the videos they uploaded, their comments, blog posts, favorites, and their followers along with the accounts they followed, as well as a User ID number revealing membership activity status.
“The highly sensitive and private nature of Luscious’ content makes users incredibly vulnerable to a range of attacks and exploitation by malicious hackers,” the report explained. “While the data breach is now closed, it’s still possible that other hackers could have accessed it earlier and extracted the same data we viewed.”
The team found that affected users are located around the world, in Europe, Asia, Australia and the Americas, with official government email addresses used by members from Australia, Brazil, Italy and Malaysia.
“The impact of this data breach on users could be devastating, personally and financially. Activity on adult sites like Luscious is the most private in nature, and nobody ever expects it to be revealed,” the team noted. “Its exposure could be ruinous for a victim’s relationships and personal lives.”
For more information on the data breach, click here.