Report: Cam Network Exposed Sex Workers, Fans' Personal Data

Report: Cam Network Exposed Sex Workers, Fans' Personal Data

LOS ANGELES — A recent report declaring that “millions” of live cam fans and models have had their personal data exposed is being countered by the company involved.

Claiming “a network of ‘camgirl’ sites exposed millions of users and sex workers,” TechCrunch’s Zack Whittaker reported that an unencrypted database was found to contain months of “daily logs of the site activities [and] left without a password for weeks.”

The security breach is said to have taken place between May 24 and September 4.

The cam network, Barcelona-based VTS Media, serves its global audience through several popular live chat sites, including Amateur.tv, WebcamPornoxxx.net and PlacerCams.com.

Besides user data, some account and personal information about the network’s cam performers was also reportedly revealed, creating concerns for cammers and their fans alike over issues of security and social stigma.

“Those logs included detailed records of when users logged in — including [their] usernames and sometimes their user-agents and IP addresses, which can be used to identify users. The logs also included users’ private chat messages with other users, as well as promotional emails they were receiving from the various sites,” Whittaker said. “The logs even included failed login attempts, storing usernames and passwords in plaintext.”

Cybersecurity firm Condition:Black was credited with exposing the open database, which has since been locked.

“This was a serious failure from a technical and compliance perspective,” said Condition:Black’s John Wethington. “After reviewing the sites’ data privacy policy and terms and conditions, it’s clear that users likely had no idea that their activities being monitored to this level of detail.”

“Users should always take into consideration the implications of their data leaking but especially where the implications could be life altering,” Wethington added.

While data leaks are nothing new, and little seems to come from them, Whittaker noted that VTS Media and its European-based servers are subject to the GDPR — a strict law where sexual preferences are a “special category” of data requiring more stringent protections, with violations incurring fines of up to four percent of the company’s annual gross income.

XBIZ and industry stakeholders have warned website owners about the General Data Protection Regulation and the near-impossibility of compliance; the need to make a good-faith effort; and the stiff penalties for not doing so. Indeed, last year’s XBIZ Show and FSC Leadership Conference hosted a special session detailing the complexities and seriousness of the GDPR requirements.

VTS Media issued a statement clarifying the situation and asserting its compliance with the GDPR. The company thanked Condition:Black for the warning and vowed to work with the Spanish Data Protection Agency to resolve the issue.

Among the statement’s revelations is a counter to the claim of “millions of users” being exposed with a more manageable number of “about 330,000 users.”

“[All] of the data stored in our main database is encrypted and unreachable. There are no payment, billing, card or password data compromised. Card payments are processed by an external provider specialized in handling this type of sensitive data,” a company representative stated. “Users’ passwords have not been compromised and are not kept as plain text; therefore, they do not need to be changed by the users.”

The rep explained that the data that has been exposed consists of technical logs, which are automatically erased after six months, and “exclusively used for technical reviews, quality controls and to solve our users’ requests.”

“For these users, the only potentially exposed data are their email and IP address, not the password. Even though this data has been exposed, it does not mean that it has reached anyone else’s hands, because as of today we are not aware that anybody, except the security company that discovered the breach, has accessed these data,” the rep revealed, underscoring that no passwords appeared in plain text in the logs. “What has been reported as a leak of private passwords actually consists of failed attempts to access the site and these have always been encrypted, thus never appearing in plain text.”

The company had to temporarily use additional servers to store its support logs “due to a global technical issue,” and revealed that human error resulted in incorrect firewall policies being implemented on these servers.

The rep also noted that less than one-half of one percent of the network’s models had any data exposed and that these models would be contacted by the company.

“As far as we are aware,” the rep concluded, “no one aside from those who discovered the breach had access to the data nor [have] those technical logs been downloaded or published on the internet.”

Those who have concerns over their potential exposure can email privacy@vtsmedia.com for more information.

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Adult Industry Educational, Networking Platform 'Imperfectly You' Launches

Imperfectly You, an educational and networking platform for adult industry workers, has officially launched.

Segpay to Launch News Network for High-Risk Merchants

Segpay has announced that it will launch the Segpay News Network (SNN) on April 15.

Age Verification Watch: Patching the Holes

This roundup provides an update on the latest news and developments on the age verification front as it impacts the adult industry.

Pineapple Support to Host Autism Spectrum Support Group

Pineapple Support is hosting a free online support group for performers and creators who are, or suspect they may be, on the autism spectrum.

ImLive Launches Revamped Member Loyalty Program

Cam platform ImLive has revamped its member loyalty program.

GoFundMe Set Up for Danny Ferretti's Medical Expenses

A GoFundMe campaign has been set up for Fangear founder Danny Ferretti, who requires extensive lung surgery.

Byborg Acquires Cuties AI

Byborg Enterprises has acquired adult artificial intelligence startup Cuties AI.

Irish Government Releases Report on Sex Work Decriminalization Legislation

The Irish government has released a report reviewing a 2017 law that decriminalized sex work across the country.

Texas Bill Would Require Age Verification for Online Sex Toy Sales

A new bill in the Texas state legislature would require online retailers to implement age verification of purchasers before selling “obscene devices” to anyone in that state.

New York Assemblyman Proposes Banning the Term 'Sex Work'

Republican New York Assembly Member Brian Maher has introduced a bill to prohibit the use of the term "sex work" in government documents.

Show More