1. Computing

Hack shows government and military employees used their email addresses on hardcore fetish site

By

Ccleaner
What’s the most embarrassing thing you’ve used your work email for?

Originally reported by BBC News, data on more than 100,000 accounts was stolen from a forum called The Rosebutt Board dedicated to sexual fetishes (obviously the site is NSFW if you’re tempted to look it up). Security expert Troy Hunt, who runs the Have I Been Pwned? site unearthed the news on the data after he was alerted by a user.

The hacked data includes usernames, email addresses, IP addresses, and hashed passwords, though the hashing used on the passwords has been called fairly poor.

Despite the explicit and sensitive nature of the website, it appears that some government staffers actually used their official email addresses to register. There are “multiple .gov and .mil email addresses in the Rosebutt breach,” according to Hunt. Hacks and data breaches are always bad but this one could leave some users particularly red-faced.

Much like the Ashley Madison hack, the site carries info on sexual preferences and fetishes. While people on the site could sort of mask their identity with usernames, the leak of email addresses and IP addresses mean they could technically be identified.

“This is a forum where you would think people would want to stay private, but people were using traceable emails or even corporate emails,” said Hunt.

He explained that the forum was likely breached by exploiting a very simple and common SQL vulnerability in the site. The site had also been using antiquated software like the MD5 algorithm for scrambling the passwords, which has been considered outdated for quite some time.

If you have an account on the forum, it would be advised to change your password and also check Have I Been Pwned? to see if your email address is among the affected lot. Hunt added that users should take more care to hide their identities and cover their tracks when accessing such private material.

Editors' Recommendations

How to set up a VPN

best VPN services

How to find the IP address of your router for customization and security

Give your router new superpowers by installing DD-WRT

report advises governments to avoid encryption backdoors internet router

The best password managers for 2021

have i been pwned owner uncovers 13 million plaintext passwords leaked from free webhost is a safe password even possible we

How to turn off Restricted Mode on YouTube

woman sitting at table watching laptop

How to turn on HDR in Windows 10

Surface Laptop 2 Review

How to type symbols and letters with accent marks

Razer Blade (2018) using keyboard

How to uninstall McAfee

How to uninstall Microsoft Teams in Windows and MacOS

all the new teams features ignite 2020 calling

How to uninstall Windows 10

How to uninstall windows 10

How to update drivers in Windows 10

apple macbook air microsoft surface pro 7 deals best buy home office sale 02 2 1200x9999

How to upgrade from Windows 10 Home to Windows 10 Pro

windows 10 october update

How to use a blue light filter on your PC or Mac

How to use a blue light filter on a PC or Mac