A hacker has captured the data from the members and offers it for sale, according to a study by the NOS after reporting an anonymous source.
In addition to e-mail addresses, this includes user names, IP addresses and passwords. The passwords are secure and cannot be cracked just like that, but the e-mail addresses of users are legible.
The data, some of which was viewed by the NOS, shows that many forum members use an email address from which their real name can be derived.
The hacker asks $ 300 for the data. In his own words, he abused a large data breach in commonly used forum software that was announced last week.
Hookers.nl confirms the data breach and promises to send all users a message this morning about the leakage of the account data.
Blackmail is probably the biggest danger for users on the site. “Membership in such a forum is certainly something that can be extorted with,” says Arda Gerkens of Helpwanted.nl, who assists young victims of sex-related abuse.
“Some people are not secretive about their prostitution visit, but it is certainly when people use a nickname that they want to remain anonymous.” In the file that the NOS holds, it indeed appears that people often use an anonymous username but a traceable e-mail address.
What should you do if you are in the Hookers.nl leak?
If you fear becoming a victim of extortion then Helpwanted.nl advises you to never pay. “That really makes no sense,” says Arda Gerkens. After all, if you pay, there is no guarantee that the blackmailers will then ask for more money or someone else will try the same.
“If you are approached, take screenshots of the message, block that person and make a report,” says Gerkens. “And if you are really afraid that it will leak out, you’d better have the conversation with your wife or boss yourself.”
According to Gerkens, users who have an account on Hookers.nl would do well to keep their social media accounts private. “That makes it harder to track you and your acquaintances.”
The problem does not only apply to clients of sex workers: prostitutes and escorts are also active on the website. They also do not always want to be known as sex workers with their real names, for example because their environment is unaware.
The sensitivity behind the website is also aware of this sensitivity. “It is of course not an account of your internet provider that leaks, maybe you do not want people to know that you have an account here,” says Midhold spokesman Tom Löbermann, who is behind the site. “We are not happy with this.”
It would not be the first time that users were extorted with membership of a controversial website. Four years ago, the personal data of members of the adultery site Ashley Madison ended up on the street thanks to hackers. Then users were extorted, killed marriages and has even been made of suicides as a result of the data breach.
The hacker says he has not yet sold the data, but expects that it will. “Certainly people want to buy it, bro “, he says .
He does not feel guilty towards the affected forum members. “It only concerns fewer than three hundred thousand users,” he says. “Tens of thousands of websites are hacked every day. I am not the devil. It is not a question of whether your website is hacked, but when.”
Hookers.nl is not the only website that has been hit by a leak in the popular forum software vBulletin. The forum of computer security officer Comodo was also hacked in that way .
How did we proceed?
The NOS first verified whether the claims about the data breach were correct before Hookers.nl confirmed the breach. We contacted the seller of the database, presented ourselves as an interested buyer and asked for a sneak preview . We received it: the seller sent us the details of a thousand members. We have not paid the seller.
We subsequently verified whether it actually concerned users of Hookers.nl. We have used the ‘forgotten password’ function of Hookers.nl. By entering e-mail addresses and clicking on ‘forgot password’, it was possible to check whether an e-mail address exists in the database.
We have done this with five randomly chosen e-mail addresses. Although this gives a user an e-mail in his inbox with the message that someone has attempted to restore his or her password, we still found this to be an appropriate way to check whether e-mail addresses from the dataset were actually on Hookers.nl . It was necessary to exclude that it was about different dates.
We also checked with Google searches whether behind individual accounts on Hookers.nl there are existing people. All information collected by us will be deleted after publication.