The Candid Board, an x-rated website that operates underground and focuses on sharing disturbing Upskirt pictures of innocent, unsuspecting females has now been exposed to the public eye. Hackers have leaked personal details of around 180,000 members of The Candid Board online. The hack occurred due to the presence of misconfigured or inappropriately configured database.

The leaked data contains 178,201 unique email IDs, usernames, hashed passwords, IP addresses, website logs (which included private details like join date, last-post-date and reputation point stats) and dates of birth. However, none of the financial details were part of the database.

Fun Read: Someone hacked this billboard in Indonesia and defaced with x-rated video

The analysis suggests that 19 email addresses contain .gov domains including wales.gsi.gov.uk, bom.gov.au, education.tas.gov.au and houstontx.gov. There are roughly 70 .mil records as well, 32 of them contain the domain us.army.mil while 6 contain Navy.Mil domain name.

When the IP numbers were verified by IBTimes UK, it was identified that these did match with their respective corresponding email address. Such as an IP search for wales.gsi.gov.uk generated this result: http://host246.welsh-ofce.gov.uk.

According to IBTimes UK, the information from the leaked database was reportedly acquired from September 2015. The site further stated that the database has now been secured while the database was managed by Webair, a cloud hosting service provider based in the US.

Security expert and breach notification website HaveIBeenPwned owner Troy Hunt has posted the leaked data on the website and only verified owners of the data could access it. The data is not searchable by the public because of the relative sensitivity of the data. In his statement, Hunt said:

“It’s amazing how much personal information people will entrust sites of this nature with. Members provided accurate email addresses and birthdates which combined with their IP address now very clearly ties them back to a site of very questionable legal status.”

Also Read: Brazzers’ Forum Hack Exposes 800,000 email IDs and Passwords

The Candid Board was contacted for a response, but the company refrained from giving out any statement regarding the data leak.

Owais Sultan

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.