CafeCanli, a Turkish live video chat provider, has leaked sensitive details on hundreds of thousands of its users. The only silver lining is that the website’s admins swiftly secured the leaky database.
Few places online demand more privacy than dating sites or OnlyFans-like websites, where content creators provide private videos to paying users. However, the Cybernews research team discovered an exposed CafeCanli MongoDB database, with sensitive information on 421,381 users.
CafeCanli, mostly catering to users in Turkey, is a veteran live video chat service provider that allows users to connect in public and private chat rooms. The website's front page strongly suggests it focuses on female content creators.
“The exposure of such a wide array of sensitive data, particularly in the context of an online platform offering live video chat services, is highly concerning. Users of platforms like CafeCanli expect their interactions and financial transactions to be secure and private,” researchers said.
What CafeCanli data was exposed?
Meanwhile, the exposed MongoDB database hosted a copious amount of sensitive details about the website’s users. According to the team, the unprotected instance exposed:
- Usernames
- Email addresses
- IP addresses
- Login information
- Encrypted passwords
- Payment transactions
- User conversations
- Internal platform logs
- Guest account details
Not all users had the same details exposed. For example, the team said 54,000 payment transaction records were exposed. However, given the likely sensitive nature of the website’s services, a data leak of this sort could severely impact user privacy.
According to the team, the website closed the leaky instance less than 48 hours after it was discovered, minimizing the potential impact on users. However, attackers scour the web for open instances, sometimes siphoning everything they can the moment a database becomes public.
We have reached out to CafeCanli for comment and will update the article once we receive a reply.
Why is the CafeCanli leak dangerous?
Data leaks of this nature serve as a stark reminder of the essential importance of securing databases containing sensitive user data. Researchers believe that attackers could use leaked data to carry out identity theft attacks, especially since personal and financial transaction data was exposed.
Privacy is another major issue with the leak, as malicious actors who get their hands on information stored in the unprotected database could use exposed conversations for extortion or otherwise hold them against users.
Moreover, researchers believe that attackers could use exposed financial information to make unauthorized transactions from user accounts.
Users aren’t the only ones who could suffer from this data leak: exposed internal logs and settings could enable cybercrooks to further compromise platform security and move laterally inside its systems.
“The swift action taken to secure the exposed database was crucial, but the incident emphasizes the need for proactive security measures to prevent such vulnerabilities from being exploited in the first place,” researchers said.
To mitigate risks associated with the leak, researchers suggest the following:
- Immediate security patching: Ensure that all MongoDB instances are properly secured with authentication and authorization controls
- Encryption of data: Implement stronger encryption methods for sensitive data, particularly for passwords and financial transactions
- Access controls: Enforce strict access controls and ensure that only authorized personnel have access to sensitive data
- Regular security audits: Conduct regular security audits and penetration tests to identify and fix vulnerabilities in the platform
- User notification: Inform affected users of the breach and provide recommendations on steps they can take to protect themselves, such as changing passwords
- Legal and regulatory compliance: Review compliance with data protection regulations and take steps to mitigate potential legal repercussions
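The first recommendation, authentication and authorization on every MongoDB instance, can be checked offline against each server's mongod.conf. The script below is an added example, not code from the researchers or from CafeCanli, and it is a general check rather than a reconstruction of the affected setup. The sample configs, the address, the certificate path and the finding labels are constructed, and the fallback values assume the defaults of MongoDB 3.6 and later.

```python
LOOPBACK = {"127.0.0.1", "localhost", "::1"}
# Constructed sample configs (not taken from the incident).
WEAK = """\
net:
  port: 27017
  bindIp: 0.0.0.0
"""
HARDENED = """\
net:
  bindIp: 127.0.0.1,10.0.0.5   # constructed private address
  tls:
    mode: requireTLS
    certificateKeyFile: /etc/ssl/mongodb.pem   # constructed path
security:
  authorization: enabled
"""

def flatten(conf_text):
    """Flatten the nested YAML mappings of mongod.conf into dotted keys."""
    out, stack = {}, []  # stack: (indent, key) of the currently open parents
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if ":" not in line:
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()
        if value.strip():
            out[".".join([k for _, k in stack] + [key])] = value.strip().strip("\"'")
        else:
            stack.append((indent, key))
    return out

def audit(conf_text):
    """Return finding labels (this example's own names); [] means none found."""
    c = flatten(conf_text)
    auth_on = c.get("security.authorization", "disabled").lower() == "enabled"
    binds = {b.strip() for b in c.get("net.bindIp", "localhost").split(",")}
    if c.get("net.bindIpAll", "false").lower() == "true":
        binds.add("0.0.0.0")
    # Unix socket paths (starting with "/") are local, like loopback addresses.
    remote = any(b not in LOOPBACK and not b.startswith("/") for b in binds)
    findings = []
    if not auth_on:
        findings.append("EXPOSED_NO_AUTH" if remote else "AUTH_DISABLED")
    if remote and c.get("net.tls.mode", "disabled") != "requireTLS":
        findings.append("REMOTE_NO_TLS")
    return findings
```

A clean result only covers the configuration file: options passed on the mongod command line and firewall or cloud security-group rules still decide whether the port is reachable from the internet.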