PussyCash adult webcam data breach exposes highly sensitive data of models

Graham Cluley
Graham Cluley
@[email protected]

PussyCash adult webcam data breach exposes personal data of models

Thousands of adult webcam models have had their intimate details exposed online after a data breach involving the live webcam porn network, PussyCash.

Those who know about such things say that PussyCash “hosts affiliation programs for multiple adult sites, paying webmasters for traffic sent to the sites through banners and exit traffic.”

Sites owned and operated by PussyCash, via its parent company IML SLU, include ImLive, Sexier, Fetish Galaxy, Shemale, Supermen, Forget Vanilla, Whiplr, Phonemates, and others.

Sign up to our free newsletter.
Security news, advice, and tips.

Security researchers at VPN Mentor say that they uncovered a leaky Amazon S3 bucket, administered by the explicit webcam network, with 875,000 files accessible to anybody with an internet connection – no password required.

The haul of information exposed included videos, photographs, screenshots of video chats, and other data. In addition, webcam models who signed up for the network had their full name, dates of birth, place of birth, address, citizenship status, nationality, passport details, gender, photograph, signature, parents’ full names, fingerprints, full credit card numbers, credit card expiry dates, body measurements, details of tattoos and piercings, and a score of other personal details exposed through the scanning of passports, credit cards, driving licences, national ID cards, birth certificates, marriage certificates, and model release forms.


You may have been expecting to reveal a lot by signing up as an adult webcam model, but I doubt this is quite what you had in mind.

Czech model
Czech model holds two forms of identification.

Bizarrely, the information even includes scans of models’ handwritten biographies, including their favourite food, sexual fantasies, favourite sexual position, hobbies, and so forth.

Webcam biography
Handwritten biography page of a South American model.


Clearly in the wrong hands such sensitive information could be extremely dangerous. There is not only the conventional threat of scams and identity theft, but also blackmail, extortion, stalking, and public humiliation.

And it’s worth bearing in mind that individuals listed in the database may no longer be an active adult webcam model, and could now work in a more conventional profession where disclosure of their past could prove highly embarrassing.

PussyCash is just one of many many sites to have made the mistake of leaving sensitive data exposed on an unsecured server for anybody to access, without seemingly the first thought about proper security.

But that’s no excuse. All businesses, small and large, whether they be accountants or quantity surveyors or those hawking live streams of webcam models, should learn the lesson now to better defend their data and stop it from falling into unauthorised hands.

Learn more about the breach, and the threats facing the models exposed, in this article by the team at VPN Mentor.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.