More than 11,000 identifying documents of models and sex workers for the adult website SextPanther were reportedly exposed in a security lapse. Passports, driver’s licenses and Social Security numbers used to verify models’ ages were stored on an Amazon Web Services storage bucket that wasn’t protected by a password, according to a report from TechCrunch on Friday.
“Our security and legal teams are still investigating but at this time there is no evidence of [SextPanther] data being accessed with the exception of the security firm that found the exploit and informed the media,” a representative for the company told CNET in a Twitter message. “The vulnerability was fixed within one hour of being notified. Once we have more information, we will be providing that directly to the models that were affected.”
The site’s operator, Alexander Guizzetti, did not confirm that the AWS storage bucket belonged to SextPanther, TechCrunch reported. The storage bucket is no longer online.
A similar security lapse of sex worker information on adult webcam streaming site PussyCash was discovered on Jan. 3 by vpnMentor. In August, adult site of over 1 million users.
Originally published Jan. 24 at 11:49 a.m. PT.
Update, at 1:21 p.m. PT: Adds comment from SextPanther.