FYI.

This story is over 5 years old.

Tech

'White Hat Hacker' Grabs User Details from Gay Porn Sites

But a company representative claims it's an ex-employee out for revenge.
Image: Che Saitta-Zelterman

A self-described white hat hacker has obtained tens of thousands of customer records from at least two gay porn websites. The hacker claims that some of the data was publicly exposed, and that they were able to obtain the rest by exploiting vulnerabilities in the sites.

"When I alerted the sites of their massive security issues, the owners just ignored me. I thought they would take it more seriously if I showed them the data. Unfortunately, that didn't work either; they just sent me weird threats," the hacker, who used the handle GP Whitehat, told Motherboard in an encrypted email.

Advertisement

The sites are HotGuysFuck.com and GayHoopla.com. They are both owned by the same company, Blurred Media LLC.

The hacker provided a sample of the data for verification purposes. It included email addresses, user names, plain text passwords, and IP addresses. Motherboard spoke to several users of the sites, one of whom confirmed his password.

"This really angers me that they couldn't/didn't catch this breach," one GayHoopla member, who declined to be named, wrote in an email.

In all, around 30,000 records were taken, according to the hacker, who said that some of the records also included street addresses. The hacker claims to have also obtained data from a site called VoyeurBoys.

Around 2,000 of those customer details were available in three files in a publicly accessible folder related to the sites, according to GP Whitehat. A number of vulnerabilities also allowed access to the sites' full databases.

"This individual has refused to identify himself to us or discuss how or even why he has attacked us."

"The data in question is used for members' access to paid content and to initiate a manual cancel of an active, re-billing membership," a representative from HotGuysFuck and GayHoopla told Motherboard in an email. "With our security consultant, we believe we have secured the systems attacked for the immediate term, and we are migrating to a new install and structure asap to avoid a repeat of this."

Advertisement

According to the company representative, GP Whitehat has malicious intentions, and they suggest he could be a freelance programmer the company sued in the past who is out for revenge.

"This individual has refused to identify himself to us or discuss how or even why he has attacked us. He has admitted to stealing our private property, has issued threats against us personally and our business, has vandalized a part of the website, and has used the stolen property in an attempt to damage our business," the representative continued.

The representative claimed that GP Whitehat had threatened Blurred Media LLC's owner by sending a message containing their Social Security Number. (GP Whitehat did send Motherboard a document which appeared to contain the Social Security Number of Blurred Media LLC's owner).

GP Whitehat, for their part, denied being affiliated with the sites. "I am categorically not a former employee, associate or contractor of the site nor do I know any," GP Whitehat wrote.

GP Whitehat indicated that the data will not be publicly distributed or put on sale.

The lesson: Signing up to a porn site can generate some pretty sensitive information about you. Consider how much information you're happy to divulge, or if it's worth registering with different details.

Another day, another hack.

The Hacks We Can't See is Motherboard's theme week dedicated to the future of security and the hacks no one's talking about. Follow along_ here_.