Thousands of Adult Website Accounts Compromised

Keith writes "Tens of thousands — or maybe more — accounts to adult websites were recently declared compromised and apparently have been that way since some time in October 2007. The break occurred when the NATS software used to track and manage sales and affiliate revenues was accessed by an intruder. The miscreant apparently discovered a list of admin passwords residing on an unsecured office server at Too Much Media, which makes and maintains NATS installations for adult companies. It would appear that Too Much Media knew of the breach back in October, and rather than fixing the issue tried to bury it by threatening to sue anyone in the adult industry who talked about it." The article gives suggestions for anyone who opened an account at any adult website in the last several months.

If true, this isn't particularly surprising.

[Anonymous Coward]

We are, after all, talking about pornography paid for with credit cards. The entity which lost these data is a clearinghouse for porn payments; its customers are the webmasters who run individual adult sites. Webmasters who, of course, have a vested interest in keeping this quiet. The fault was not theirs, per say, but the repercussions if this becomes public knowledge would bear heavily upon them.

In addition, it's porn. Individual end users cannot protest very much without either A: Admitting they pay for porn online or B: being the subject of askance glances and the occasional, "Methinks he doth protest too much." Some folks won't care, but the kind of people who actually have influence in the real world can't afford that kind of tarnish.

So, even if the worst happens and large amounts of private data are in nefarious hands, it'll all get dealt with quietly. The victims will sort it out in private with their banks, the webmasters will never speak of it, and the company itself probably won't feel much of a hit. If they really do have 90% market share, I doubt anyone else in the field is ready to just jump in and take over.

Re:If true, this isn't particularly surprising.

[SacredByte]

In addition, it's porn. Individual end users cannot protest very much without either A: Admitting they pay for porn online or B: being the subject of askance glances and the occasional, "Methinks he doth protest too much."

You do realize that prepaid credit cards exist, right? You can set any name to it and use it. Since you don't have to have anything physical delivered and it's all online, then you can create fake names and leave out addresses.

Do you realize that not every Joe-Sixpack takes the time to think it through before he gives his personal information to third parties?

Re:Trend?

[Archon-X]

Your post is a scary reflection of presumably intelligent people who actually believe this FUD.
#1 - If you consider porn and sex filth, that's a problem in itself.
#2 - Making a blanket statement that the adult industry is reponsible for your spam is about as intelligent as blaming yourself for stock spam.

Re:If true, this isn't particularly surprising.

[DarkVader]

No, the embarrassing part wouldn't be watching porn - everybody does that.

What would be embarrassing would be getting caught PAYING for porn in 2007. Now that would be embarrassing.

(And yes, I'm quite sure my credit card information hasn't been compromised in this incident.)