A French personal torrent group referred to as World in HD (WiHD) inadvertently uncovered delicate person knowledge to the broader web.
Analysis from Cybernews found an unprotected database utilizing Elasticsearch. The database, the researchers stated, contained person emails, IP addresses, service info, usernames, and hashed passwords, for each discussion board customers and directors.
Virtually 100,000 folks have had their knowledge uncovered this fashion. Torrents are a method to share huge information over the web, and whereas they’re not unlawful by design, lots of people use them to share pirated content material, corresponding to motion pictures and sequence, music, video games, cracked software program, and extra. Due to this fact, having personally identifiable info uncovered this fashion additionally probably exposes these folks to felony costs.
Blackmailing the customers
Most torrent websites, such because the famed Pirate Bay, advocate using VPN when downloading issues by way of torrents, so it’s protected to imagine that the majority customers created faux e mail addresses and used IP spoofing software program to stay hidden.
WiHD is a well-liked video torrent group that focuses on content material in French and English languages and tries to keep up excessive requirements. The members have entry to high-definition TV sequence, animations, and different content material. Allegedly, changing into a member is comparatively laborious, as some folks have been noticed promoting their invitations for greater than $100.
“Menace actors might have interaction in varied illicit actions, corresponding to monitoring and figuring out customers for authorized repercussions, launching focused phishing assaults, or probably exposing customers’ downloading habits, elevating privateness and authorized issues for affected people,” researchers stated.
It’s unknown if any menace actors (or legislation enforcement, for that matter) found this database earlier than Cybernews did. It is usually unknown if WiHD was notified of the invention beforehand, or in the event that they managed to lock the database down within the meantime.