A virtual reality P0rn site has been H@cked, exposing the personal details of 20,000 users. H@ckers, who describe themselves as ‘ethical’, managed to download details of users of SinVR, including names, email address and download details.
Digital Interruption, a cybersecurity firm, has revealed that it was behind the H@ck, and gained access by taking advantage of a lack of authentication on the endpoint.
In a blog post , a Digital Interruption spokesperson wrote: “Not only could an attacker use this to perform social engineering attacks, but due to the nature of the application, it is potentially quite embarrassing to have details like this leaked.
“It is not outside the realm of possibility that some users could be blackmailed with this information.”
Digital Interruption told SinVR about the H@ck in December, and the issue that allowed them to gain access has now been resolved.
Speaking to The Sun , a spokesperson for SinVR, said: “It has been a tremendous learning experience, which will serve to enhance our security and we are glad that it was conducted ethically.
“Moving forward, we are confident in our ability to stop similar attacks and will keep using a professional security service to audit our system.”