«

»

Feb 23 2012

Print this Post

Manwin’s YouPorn Debug File Exposure Hits a Million Users – Is YOUR Personal Information at Risk From Accessing Their Porn??

 
By , 23 February, 2012 09:04
 
About this blog
ZD Staff

Communication Breakdown

Communications from the world of, er, communications. And other stuff.

 
The personal data of more than a million pornography connoisseurs has been exposed, after the YouPorn site was found to be storing email address and passwords on a public-facing server.It appears that the information was being stored in a debug log file with a publicly accessible URL, according to security expert Anders Nilsson of the Swedish firm EuroSecure. Nilsson noted that, judging from the contents of the log file, it had been publicly accessible since around November 2007, and had been showing new registration data ever since then.

“For a security professional it is baffling how coders working on a website with such sensitive content can make mistakes of this magnitude,” Nilsson wrote in a blog poston Wednesday. “Allegedly hundreds of megabytes of data has been secured by people with unknown goals. Cyber criminals can easily go through these e-mail addresses and match them with passwords and this way gain access to e-mail accounts.”According to the security expert, the debug log file was found on Tuesday, probably by “someone sweeping websites for publicly accessible, but hidden folders”.

Nilsson added that, once criminals are in people’s accounts, they can “secure even more sensitive information to use in phishing attacks, theft, or fraud”. He suggested that hackers were already going through the lists, correlating email addresses with Facebook and email accounts and trying the listed YouPorn passwords — with some success.

“Hackers… have posted some intimate pictures found in some users’ sent/received email,” Nilsson wrote.

Nilsson pointed out that many people still use the same passwords for most or all the services they use online, making it easier for miscreants to make use of information such as that taken from the YouPorn site.

As an aid to demonstrating how weak passwords can be, Nilsson also posted a series of statistics showing the most commonly chosen character sequences.

Permanent link to this article: http://porninthevalley.com/2012/02/23/manwins-youporn-debug-file-exposure-hits-a-million-users-is-your-personal-information-at-risk-from-using-porn/

Leave a Reply