Leaky platform at Chinese adult platform exposed sensitive info of 14 million users
A leaky database belonging to Hjedd, an infamous Chinese-based adult platform, has exposed personal information linked to more than 14 million user accounts.
According to security researcher Anurag Sen, the servers of the NSFW platform had been found leaking more than 24 GB of files with user information, and the server continues to update itself, leaking more information every second.
The researcher said that no security or authentication was required to access the exposed server and exfiltrate user info, including:
- Usernames and nicknames
- Phone numbers
- Member details
- Email addresses
- Bcrypt hashed passwords
- IP addresses and details
- Messages between users containing sensitive information
Unfortunately, for users, their exfiltrated data has already surfaced on a dark web forum. Researchers at Hackread have discovered that cybercriminals have posted a free download of the Hjedd database, which encompasses the data of over 13.4 million user accounts.
Unfortunately for users, their exfiltrated data has already surfaced on a dark web forum. Researchers at Hackread have discovered that cybercriminals have posted a free download of the Hjedd database, which includes data of over 13.4 million user accounts.
Threats to user privacy and online security
Given the extent of the breach and sensitive information found in the leaky server, cybercriminals could easily conduct targeted phishing and extortion campaigns against users by threatening to reveal their identities to friends and family.
Individuals are also at risk of account takeover attacks, as seasoned cybercriminals could crack the encrypted hashes of the passwords to reveal them in plain text and attempt to hijack accounts and steal financial info.
Want to stay on top of data breaches, leaks and privacy issues to thwart cybercrooks seeking to abuse your data? Then check out Bitdefender Digital identity Protection, our privacy-focused tool that helps you easily manage and monitor your digital footprint and defend against potential security risks.
You get real-time data breach alerts and a handy tool to sniff out social media doppelgangers who could ruin your online reputation alongside a 360-degree view of your digital footprint and personal data exposure throughout the years.
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022