Live adult streaming website CAM4 has reportedly not secured 7TB of users’ information, which may be able to be used for blackmail and identity theft purposes, according to researchers from Safety Detectives.
According to reports, CAM4 users pay to watch live streamed explicit adult content from consenting amateur performers who film themselves and post the content for users’ view. CAM4 reportedly stored the content on a misconfigured and unsecured cloud database that allowed information of millions of users to be accessible without security measures in place.
According to the researchers, the unsecured database included almost 11 billion records, including 11 million emails. The information potentially accessible included users’ first and last names, country of residence, sexual orientation, chat and email transcripts, IP addresses and inter-user conversations. Several hundred users’ full names, credit card types and payment amounts may also have been compromised.
This compromise is reminiscent of the Ashley Madison incident that took place several years ago. The obvious risk in this incident, as with the Ashley Madison incident, is the possibility that cybercriminals can leverage the data leak to try to blackmail users to obtain money for a promise not to expose the individual’s use of the live streaming site to loved ones or the world at large.