The email addresses and other details of 250,000 members of the Dutch prostitution forum hookers.nl have been accessed by a hacker, who intends to sell the data. This site is used by those who visit sex workers to share tips and experiences.
NOS has verified the website’s security breach after a tip by an anonymous source. A reporter posed as a potential buyer, and was given a sample of a thousand email addresses, which they did not pay for. They verified these email addresses by using the “forgot password” function on the website. The data held by the hacker includes email addresses, names, still-protected passwords and IP addresses.
The hacker’s price is 300 US dollars
The hacker is asking 300 US dollars from those who want to buy the data from him. According to NOS, he says that he abused a large data breach in a commonly used forum software. Hooker.nl has confirmed the data breach and will send its members an email about it later today.
Of course, this is sensitive information that could definitely be used to blackmail members of the forum. It’s for this reason that the hacker is so sure he will be able to sell the information: “Certainly people want to buy it, bro”, he says. Some people may be open about the fact that they visit sex workers, but many people on the website have used nicknames, indicating that they do not want their identity known.
Details of sex workers also accessed
Just as worryingly, the email addresses of sex workers and escorts have also been accessed by the hacker, as they too are active on the forum. They may also want to remain anonymous- the people in their surroundings may not know what their job is, for example. Sex workers have already come under fire from the Christian Youth Party, who presented a petition to criminalise sex work to the Dutch lower house last April. However, in other countries where sex work has been criminalised, sex workers have suffered increases in violence, and STI rates have risen. In short, it would be a disaster for women.
The website has stated that “we are not happy about [the data breach]” and that it understands that hookers.nl is a website members definitely don’t want their data accessed from.
Reminiscent of Ashley Madison breach
If all of this sounds familiar, that’s because a similar situation occurred with the adultery website Ashley Madison four years ago. A hacker published the personal data of members of that site and very serious consequences ensued: members were blackmailed, marriages broke down, and even some suicides were reported. However, the hacker feels no remorse for what he has done: “It’s only about three hundred thousand users,” he said to NOS’s undercover reporter. “Tens of thousands of websites are hacked every day. I’m not the devil. It’s not a question of whether your website is hacked, but when.”
What do you think of this hack? What do you think the websites should be doing to protect the identities of its visitors? Let us know in the comments below.
Feature image: 8013345/Pixabay