Another top adult site reveals data leak - Frivol says around 479,000 users may be affected

News
By published

Adult site kept an open database with user details

Data leak
(Image credit: Shutterstock)
  • Cybernews found exposed Kibana instance at adult site Frivol.com
  • 479,000 user emails leaked, including some corporate addresses
  • Company denied breach, but exposed data poses extortion and phishing risks

Amateur adult content website Frivol.com kept a Kibana instance available on the world wide web, accessible to anyone who knew where to look.

The flaw was recently discovered by security researchers from Cybernews, who analyzed it and found it contained 479,000 user email addresses.

After reaching out to Frivol, a Spanish company targeting the German-speaking community, the company denied having been breached, and claimed that the data leaked was of no value.

Work emails

“No customer data was stored in the affected system. At no point was there any risk of a data leak. Only insignificant log data was affected,” the company’s representative said.

How insignificant it is to have exposed emails is up for debate, however, as this is not your average data spill - these emails were used to register an account at an adult site. There is plenty of shame and stigma associated with the porn industry, and cybercriminals know very well how to exploit it.

To make matters worse, some people seem to have used their work email addresses to register these accounts. It was probably done to hide the activity from spouses and family members, but it opens the doors to extortion under the threat of notifying employers. A tarnished corporate image hurts just as much.

“The incident highlights how vulnerable even the tiniest amount of personal data can become if not handled properly by the company, as well as the importance of separating personal and professional online activity, and assessing one’s digital footprint,” Cybernews researchers noted.

After discovering the instance and attributing it to Frivol, the researchers reached out to the company who, without acknowledgement, quickly locked it down.

Right now, there is no evidence that the data was discovered by threat actors or used in phishing or sextortion campaigns.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.