1. Computing

Hack shows government and military employees used their email addresses on hardcore fetish site

By

Ccleaner
What’s the most embarrassing thing you’ve used your work email for?

Originally reported by BBC News, data on more than 100,000 accounts was stolen from a forum called The Rosebutt Board dedicated to sexual fetishes (obviously the site is NSFW if you’re tempted to look it up). Security expert Troy Hunt, who runs the Have I Been Pwned? site unearthed the news on the data after he was alerted by a user.

The hacked data includes usernames, email addresses, IP addresses, and hashed passwords, though the hashing used on the passwords has been called fairly poor.

Despite the explicit and sensitive nature of the website, it appears that some government staffers actually used their official email addresses to register. There are “multiple .gov and .mil email addresses in the Rosebutt breach,” according to Hunt. Hacks and data breaches are always bad but this one could leave some users particularly red-faced.

Much like the Ashley Madison hack, the site carries info on sexual preferences and fetishes. While people on the site could sort of mask their identity with usernames, the leak of email addresses and IP addresses mean they could technically be identified.

“This is a forum where you would think people would want to stay private, but people were using traceable emails or even corporate emails,” said Hunt.

He explained that the forum was likely breached by exploiting a very simple and common SQL vulnerability in the site. The site had also been using antiquated software like the MD5 algorithm for scrambling the passwords, which has been considered outdated for quite some time.

If you have an account on the forum, it would be advised to change your password and also check Have I Been Pwned? to see if your email address is among the affected lot. Hunt added that users should take more care to hide their identities and cover their tracks when accessing such private material.

Editors' Recommendations

How to know if you’ve been hacked

Online passwords: Research confirms millions of people are using 123456

leaky password patterns pdg feature

Data breach compromises 773 million records, 21 million passwords

bangladeshi bank heist foiled by spelling mistake internet hacking dark net

If your data is found on the dark web, Firefox Monitor will let you know

firefox 55 adds webvr support

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

How to get free stuff on Amazon in 2021

Amazon Black Friday deals

Leaked Samsung Galaxy Tab S8 renders show sleek design similar to the S7

Samsung Galaxy Tab A7.

HP is having an early Black Friday sale today — here are the best deals

hp dual monitor bundle deal july 2021 monitors

Dell is practically giving away this gaming laptop today — SAVE $285

The Dell G15 gaming laptop with a colorful creature on the screen.

Alienware gaming chair $30 off for early Black Friday deal at Dell

Alienware S5000 gaming chair on sale at Dell

Save $130 on Samsung’s Alexa-enabled soundbar at Amazon today

Samsung Soundbar HW-S61a showing off fabric design.

Fortnite season 8, week 6 challenge guide: Dark Jonesy

Dark Jonesy (Fortnitemares) from Fortnite.

This stunning Dell 34-inch curved monitor just got a huge discount

Dell 34 Curved Gaming Monitor – S3422DWG on sale at Dell