Female Escort Review Site Data Breach Affects 470,000 Members

An online community promoting female escorts and reviews of their services suffered a data breach after a hacker downloaded the site’s database.

EscortReviews.com is an adult online vBulletin forum community that allows escorts based in the United States and Mexico to promote their services, share profile pictures, contact information and biographies with potential clients. Clients can then post reviews about their experiences with the particular escort.

The site is very active with over 2.4 million topics, 12.5 million posts and over 470,000 members.

EscortReviews.com member and post statistics
EscortReviews.com member and post statistics

Hackers release stolen vBulletin database

This weekend, a malicious actor posted a link to a stolen vBulletin forum database for the EscortReviews.com website.

EscortReviews.com database leak
EscortReviews.com database leak

This database contains the registration information of over 472,695 members, including their display name, email address, MD5 hashed passwords, optional Skype account names, optional birthday, and IP adress.

Sample database
Sample database

In a sample shared by cybersecurity intelligence firm Cyble, the most recent data is from September 2018.

BleepingComputer has contacted some of the users listed in the database to confirm if the information belongs to them and is accurate. Only one member replied, indicating that the data is correct.

The site is currently showing a vBulletin database error to visitors. It is not known if the site is disabled due to the database release or if the site has been permanently shut down.

vBulletin error on EscortReviews.com
vBulletin error on EscortReviews.com

The site’s last cached Google search page is from January 21, 2021.

The site ran vBulletin 3.8.9, which known vulnerabilities that could allow attackers to breach the site. It is not known if the forum was hacked using one of these vulnerabilities or if the site left an insecure backup of the online database.

As the site uses an MD5 hashed password, which can easily be cracked, members are strongly advised to change their passwords on other sites using the same.

Members of EscortReviews.com can also check if their information is part of the data breach using Cyble’s AmIBreached data breach notification services.

Adult site data breaches can be devastating

Data breaches for adult sites, such as those promoting escort or dating services, can be devastating to members if their information is exposed publicly.

This information can be used by threat actors to perform targeted blackmail or sextortion attacks, such as the attacks that occurred after the 2015 Ashley Madison data breach.

Worse still, there are known cases of data breaches leading to suicides after information about their activities was posted online.