Recently, hackers have shared on a popular data leak forum that they possess 340 million records extracted from the internal databases of OnlyFans.
OnlyFans is a hugely popular subscription platform where many creators sell access to adult content. The service has over 4.5 million creators and nearly 380 million users.
The attackers have claimed that they have both fan accounts and creator accounts, exposing “a wide range of personally identifiable information and detailed account activity metrics.”
Thus, the alleged data leak would contain usernames, joining dates, email addresses, follower counts, like counters, image counts, video counts, live stream counts, payment card data, and linked profiles.
Curiously, the threat actors deny hacking OnlyFans and claim to have created the database using information from previous leaks of the platform, public sources, and other security breaches.
Summarizing
Cybernews confirms that these details have not been obtained from a new security hole and reveal that they date back to August of last year, which would indicate that they are old, not current.
Their research team has analyzed the sample shared by the cybercriminals and discovered that only a dozen records were attached, with user IDs, names, email addresses, and registration profiles.
However, experts do warn that individuals whose data is exposed could be targeted for phishing attacks.
“Emails alone could serve as a sensitive reconnaissance point. Cybercriminals could use this information to cross-reference it with data from other adult content websites and thus create profiles of the exposed individuals,” they add.
OnlyFans itself has also indicated that there has been no current security breach. “According to the available information, these reports are false,” a company spokesperson told Cybernews.
Click Here For The Original Source.
