A breach in the security of an ADULT webcam site has exposed the data of millions of users and models.

StripChat, which is one of the top five adult cam sites on the internet, suffered the breach earlier this month.


The website was hacked earlier this monthCredit: StripChat
The site alerted visitors to the breach on Friday


The site alerted visitors to the breach on FridayCredit: StripChat

Security researcher Bob Diachenko discovered that the website exposed his ElasticSearch database cluster online without a password for more than three days.

During this period, from November 4 to 7, millions of user information and camera models were exposed.

Diachenko documented his findings in a blog post on Tuesday, showing the severity of the hack.

The information of more than 65 million users was exposed in three days. This included their usernames, email, IP addresses, tip balance, and last login date.

At least 421,000 information about the models, including their prices, username and gender, were also on display.

Information on 134 million pending transactions has been disclosed, however, no information has been released regarding payment details.

Finally, information on at least 719,000 chat messages. However, no content of the private messages was revealed.

Diachenko said he informed the website of the breach as soon as he spotted it, which led to the site being secured days later.

Speaking about the impact of the breach, Diachenko said, “The exposure could be a digital and physical threat to Stripchat viewers and models. Of particular concern are IP addresses, which can be used to get closer to someone’s location.

“They could allow someone to find and track down, harass or even assault someone in the database.

“Besides physical violence, identifying information could be used to extort, intimidate or humiliate victims who believed their online activities were private,” he added.

The Sun contacted StripChat for comment but did not receive an immediate response.

The site released a statement to its users on its website on Friday, stating that “we are satisfied that passwords, payment details and account verification documents have not been viewed.”

The hack exposed the data of more than 65 million users


The hack exposed the data of more than 65 million usersCredit: Getty Images – Getty

We pay for your stories!

Do you have a story for the US Sun team?