CNET también está disponible en español.

Ir a español

Don't show this again

TikTok barred from US starting Sunday Apple's best iOS 14 features Second stimulus check payment schedule iPhone 12 release prediction Super Mario 3D All-Stars review The best VPN service of 2020 Apple Watch Series 6

Adult website leaves sex workers' personal information vulnerable, report says

Thousands of documents -- including passports, photo IDs and other sensitive information -- were stored without a password.

- 01:14

An Amazon Web Services storage bucket containing the sensitive information wasn't protected by a password. 

Andrew Brookes

More than 11,000 identifying documents of models and sex workers for the adult website SextPanther were reportedly exposed in a security lapse. Passports, driver's licenses and Social Security numbers used to verify models' ages were stored on an Amazon Web Services storage bucket that wasn't protected by a password, according to a report from TechCrunch on Friday.

"Our security and legal teams are still investigating," a representative for the company told CNET in a Twitter message. "But at this time there is no evidence of [SextPanther] data being accessed with the exception of the security firm that found the exploit and informed the media. The vulnerability was fixed within one hour of being notified. Once we have more information, we will be providing that directly to the models that were affected."

The site's operator, Alexander Guizzetti, did not confirm that the AWS storage bucket belonged to SextPanther, TechCrunch reported. The storage bucket is no longer online. 

A similar security lapse of sex worker information on adult webcam streaming site PussyCash was discovered on Jan. 3 by vpnMentor. In August, adult site Lucious exposed the data of over 1 million users.

Originally published Jan. 24, 11:49 a.m. PT.
Update, 1:21 p.m. PT: Adds comment from SextPanther. 

Now playing: Watch this: What to do if your personal information is part of a...