Most people on the internet are ashamed of their porn searchers, and don't really want that information disclosed to the public. Well, Luscious users should be worried because their user data, searchers, email address and everything else that would be considered personal information was free to grab.
According to the team at vpnMentor, Luscious' account holders had their usernames, email address, activity logs, locational data and much more free for the taking for all 1.195 million users. vpnMentor does say that the data hasn't been stolen as of yet but it was completely accessible, here is what they said "Our team was able to access this database because it was completely unsecured and unencrypted".
vpnMentor also says that they were able to access user accounts 'uploads' section meaning that people could possibly connect their already exposed email addresses, usernames with whatever videos the account has uploaded. This could result in a connection between the account holders real-life name and the video seen on the website, throw into the mix location data and we have a worrisome combination.
"The impact of this data breach on users could be devastating, personally and financially. Activity on adult sites like Luscious is the most private in nature, and nobody ever expects it to be revealed" says vpnMentor.
Researchers do say that the breach has now been closed, but they don't know if other hackers managed to come across this website and stolen some of the data they have now discovered to be vulnerable. "While the data breach is now closed. It's still possible that other hackers could have accessed it earlier and extracted the same data we viewed."
"A greater issue of concern is the fact that many users joined Luscious on official government emails. We found examples of this from users in Brazil, Australia, Italy, Malaysia, and Australia" the blogpost reads.
For more information, check out the official blog post from vpnMentor here.