CAM4 Data Leak Exposes Personal Data of Millions of Users
The digital world is once again tainted by a highly sensitive data leak that puts millions of users at risk of blackmail attempts, identity theft and fraud.
A team of security researchers led by Anurag Sen recently uncovered a leaky database from CAM4, a popular live-streaming adult website. Housed on a misconfigured Elasticsearch server, the unsecure database exposed around 7TB of personal information from platform users and members.
You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.
Among the cluster of 10 billion records, the analysists discovered information of CAM4 users, including:
â€¢ First and last names
â€¢ Email addresses and password hashes
â€¢ Country of origin and sign-up dates
â€¢ Gender preference and sexual orientation
â€¢ Device information
â€¢ Miscellaneous user details such as spoken language
â€¢ Usernames and user conversations
â€¢ Payments logs including credit card type, amount paid and applicable currency
â€¢ Transcripts of email correspondence
â€¢ Inter-user conversations
â€¢ Chat transcripts between users and CAM4
â€¢ Token information
â€¢ IP addresses
â€¢ Fraud and Spam detection logs
After rounding up the personal information, the team was able to pinpoint 11 million records containing emails, 26.3 million containing passwords hashes, and less than 1,000 revealing full names, credit card types and amounts paid to view explicit content on the website.
“US, Brazilian and Italian users were the most heavily affected although the precise number of email records is difficult to gauge accurately due to multiple entries being duplicated,” said researchers.
“The fact that a large amount of email content came from popular domains such as Gmail, Hotmail and iCloud â€” domains that offer supplementary services such as cloud-storage and business tools â€” means that compromised CAM4 users could potentially see huge volumes of personal data including photographs, videos and related business information leaked to hackers â€” assuming their accounts were eventually hacked via phishing as one example,” they later added.
Although the database was immediately taken down by parent company Granity Entertainment, the logs date back to March 16, and cybercriminals could have already scraped the information.
Moreover, let”s not forget the Ashley Madison data breach scandal â€“ victims are still being targeted with blackmail and sextortion campaigns 5 years after the incident.
Given the sensitive nature of the exposed info, the aftermath of the recent data leak could have serious consequences, leaving CAM4 members vulnerable to targeted attacks and phishing emails. On top of any financial losses that may occur, victims can suffer damaging psychological effects, following multiple blackmail attempts or defamation.
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022
Why and how to hide your IP address while traveling
April 13, 2022
How Bitdefender Can Help Restore Your Privacy in the Digital Age
April 04, 2022
How Strong is VPN Encryption?
February 28, 2022
Top Three Ways Internet Users Unknowingly Help Cybercriminals
February 25, 2022