Popular adult cam chat StripChat exposed data of users and models

Popular adult cam chat StripChat exposed data of users and models

The popular adult cam site StripChat has been found exposing the personal data of millions of users and adult models. The security breach has been discovered by security expert Bob Diachenko at the beginning of November 2021.

The researcher said he discovered an ElasticSearch database cluster belonging to StripChat available on the internet without authentication. The exposed cluster contained nearly 200 million records in total, comprised of several databases.

The exposed info included data of 65 million users registered on the site (username, email, IP address, ISP details, tip balance, account creation date, last login date, account status); data of 421,000 models broadcasting on the site (username, gender, studio ID, live status, tip menus/prices, strip score); records of 134 million transactions (information about tokens and tips paid by users to models, including private tips); and data about 719,000 chat messages saved in a moderation database (the user and model ID involved in the conversations, including both private and public messages).

According to Diachenko, he informed StripChat about the data breach on November 5, 2021, but never received a response from the company. However, the database was secured two days later - on November 7.


Back to the list

Latest Posts

JSCEAL malware campaign targets crypto app users

JSCEAL malware campaign targets crypto app users

The JSCEAL campaign leverages malvertising primarily on social media platforms.
30 July 2025
Chinese firms linked to Salt Typhoon behind dozens of tech patents for cyber espionage tools

Chinese firms linked to Salt Typhoon behind dozens of tech patents for cyber espionage tools

The patents mention tools for encrypted endpoint data collection, forensic access to Apple devices, and remote control of routers and smart home systems.
30 July 2025
Scattered Spider targets data storage systems via IT help desk impersonation

Scattered Spider targets data storage systems via IT help desk impersonation

The joint advisory was updated with the latest data from FBI-led investigations as recent as June 2025.
30 July 2025