It was announced this morning that the data of some 250,000 members of the Dutch website Hookers.nl has been leaked. This is due to a previously disclosed data leak within the popular forum software vBulletin. A hacker managed to get hold of customer data, including e-mail addresses and IP addresses, and offered the information for sale, according to research by NOS.
The leak at Hookers.com was caused by a weakness in the forum software used, vBulletin. This weakness had been known for two weeks. The hacker responsible for stealing the data took advantage of it and managed to retrieve the e-mail addresses, usernames and IP addresses of 250,000 users. The hacker is asking $300 for the data.
Hookers.com is an online forum for visitors to prostitutes. On the site, members can exchange information and tips. In addition to visitors, many prostitutes themselves are also members of the platform. Their sensitive information has also been leaked. The vast majority of Hookers.nl members would probably prefer to remain anonymous, because of the taboo surrounding prostitution. This applies to both prostitutes and their clients. However, with the leaked data, in many cases their identities can be easily identified. Therefore, there is a high chance of extortion of the members, Arda Gerkens of Help Wanted tells NOS.
In 2015, the data of users of the website Ashley Madison, an extramarital dating site, was leaked. As a result, many lives were destroyed: problems ranged from divorces to suicide attempts. So sharing sensitive online information from websites such as Ashley Madison and Hookers.co.uk can have major consequences.
Research shows that many Hookers.com members used an alias on the website. By doing so, they attempted to remain somewhat anonymous. However, their e-mail addresses were not anonymized and often contained information that made it easy to trace the account back to a specific person. For example, many members had their first and last names in their e-mail addresses. In addition, users' IP addresses also became available, indicating their location.
Users who signed up with an anonymous e-mail address and knew how to hide their IP address, such as through a VPN, will be much less affected by the leak. After all, they have a much smaller chance of being identified. Unfortunately, this is far from true for all users.
An example of a secure e-mail provider that helps you remain anonymous is ProtonMail. If you don't use personal information in your e-mail address, ProtonMail makes it much harder for others to figure out your identity.
This news item can also be found in the Data Breach file
