A hacker has managed to capture the private data of 415,000 advertisers and visitors to the Belgian erotic site Redlights.be. Although most of these are inactive accounts, the site's owner advises site users to change their passwords. The Regional Computer Crime Unit says it is doing all it can to find out who is responsible for the data breach.
Redlights.be is a website where sex workers can offer their services through an advertisement. Link Media says the site is inherently well secured, but that due to "a manual error in encryption," a hacker managed to steal the personal data and messaging of 415,000 accounts. Of these 415,000 accounts, 287,000 are inactive. Of the remaining 128,000 profiles, 87,000 belong to visitors and 41,000 to advertisers.
Users who created an account after February 2023 need not worry, according to Link Media. The owner then had an additional layer of security added, which means private data and messages are additionally encrypted and encoded. Visitors and advertisers who created a profile before February 2023 may have been duped.
It is still unclear who is responsible for the data breach. Link Media says the attacker is now threatening to sell the captured data via the dark web to the highest bidder. The owner says it was in talks with the perpetrator, but that all communication was stalled. What details were discussed in the process, the company leaves open. Both the Regional Computer Crime Unit and the prosecutor's office have been informed of the case and are making every effort to apprehend the perpetrator.
"First of all, we are very sorry for our advertisers and for the visitors of our website that this could have happened. We do everything we can to secure our website against this type of criminal attack, but the hacker still found a loophole," Link Media wrote in a press release about the incident. Since discovering the data breach, the company's IT staff has been working 24/7 to secure all systems and prevent a recurrence.
Link Media engaged a specialized company earlier this year to do a comprehensive security audit. In addition, "state-of-the-art security systems" were installed and all data is additionally encrypted. Despite the incident, the owner of the erotic site says visitor and advertiser data is now safer than ever. Nevertheless, the Web site asks those affected to be extra cautious and change their passwords.
"We are of course fully cooperating with the investigators, with whom we have been working for some time to safeguard our website from rogue organizations and individuals with criminal links or intentions," Michaël Verhaeghe, Link Media's lawyer, told the Gazet van Antwerpen newspaper.
