Adult website leaves sex workers' personal information vulnerable, report says
Thousands of documents -- including passports, photo IDs and other sensitive information -- were stored without a password.
- She received the Renau Writing Scholarship in 2016 from the University of Louisville's communication department.
An Amazon Web Services storage bucket containing the sensitive information wasn't protected by a password.
More than 11,000 identifying documents of models and sex workers for the adult website SextPanther were reportedly exposed in a security lapse. Passports, driver's licenses and Social Security numbers used to verify models' ages were stored on an Amazon Web Services storage bucket that wasn't protected by a password, according to a report from TechCrunch on Friday.
"Our security and legal teams are still investigating," a representative for the company told CNET in a Twitter message. "But at this time there is no evidence of [SextPanther] data being accessed with the exception of the security firm that found the exploit and informed the media. The vulnerability was fixed within one hour of being notified. Once we have more information, we will be providing that directly to the models that were affected."
The site's operator, Alexander Guizzetti, did not confirm that the AWS storage bucket belonged to SextPanther, TechCrunch reported. The storage bucket is no longer online.
A similar security lapse of sex worker information on adult webcam streaming site PussyCash was discovered on Jan. 3 by vpnMentor. In August, adult site Lucious exposed the data of over 1 million users.
Originally published Jan. 24, 11:49 a.m. PT.
Update, 1:21 p.m. PT: Adds comment from SextPanther.
