One of the world’s most popular adult sites leaks millions of records - BangBros users see personal data exposed online

BangBros leak sees 12 million records left unsecured online

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

One of the most popular adult sites on the web has suffered an exposure of its own after millions of records were found sitting unprotected online.

An investigation by researchers atCybernewsfound an unprotected Elasticsearch cluster containing more than 8GB of sensitive information about BangBros users, including nearly half a million user login records.

Overall, the database was found to be containing 12 million records, including details such as IPs, usernames, locations, feedback messages, and even “model performance statistics”.

Online breach

The database was discovered on June 6, and had apparently been indexed on search engines a few days earlier, having apparently been left unsecured due to an inadvertent configuration error.

Cybernews reports that the instance is now closed, but this doesn’t mean hackers won’t have already got their hands on the data, which could now be used foridentity theftor extortion purposes.

“If bad actors managed to get their hands on this data, they might trace and link adult content viewers’ habits to specific individuals. Combined with other private information, this could lead to significant privacy issues, cause personal embarrassment, and result in social stigma in places with conservative attitudes,” said Mantas Kasiliauskis, information security researcher at Cybernews.

The largest part of the leak, the “bangbros_straight” file, contains almost 11 million records, which appear to be from the company’s media or content management system.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Cybernews says it contacted BangBros following the discovery, but did not receive any comment - although the issue does appear to have been fixed. TechRadar Pro has also contacted the company for comment, and will update our story if received.

Adult sites have long been a risky proposition for users, with the potential for privacy and security breaches a common one. We’d advise anyone signing up to such sites to make sure their personal data isn’t put at risk, and to use aVPNto make sure your browsing habits stay private, alongside multi-factor authentication on all your most important personal accounts.

More from TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK’s leading national newspapers and fellow Future title ITProPortal, and when he’s not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Samsung plans record-breaking 400-layer NAND chip that could be key to breaking 200TB barrier for ultra large capacity AI hyperscaler SSDs

Adobe’s decision to eliminate perpetual licensing for its Elements software has stirred controversy among consumers

Red One isn’t perfect but it proves we need more action-packed Christmas movies