Slashdot Mirror
Massive Porn Buyer Info Leak
Anonymous Guy wrote to mention a Wired article that covers the release of information for millions of customers onto the Internet. From the article: "The stolen data, examined by Wired News, includes names, phone numbers, addresses, e-mail addresses and internet IP addresses. Other fields in the compromised databases appear to be logins and passwords, credit-card types and purchase amounts, but credit-card numbers are not included. The breach has broad privacy implications for the victims. Until it was brought low by legal and financial difficulties, iBill was a top credit-card processor for adult entertainment websites."
What kind of moron buys porn? Hello? IT'S FREE ON TEH INTARWEBS, and especially on Usenet. There are people who literally get off on making and distributing porn of all varieties at no cost. They want you to watch.
Unless your idea of hotness is overproduced Playboy-style photography with a combination of four different skin textures, three different lighting rigs, and sixteeen different gauze filters, you can get what you want on Usenet without risking your credit history.
Dude, RTFA. They didn't get the credit card numbers. Only personal information like name, phone number, address, email. Not that that's not a big deal, but this isn't a CC number security issue.
Of course, this isn't made clear until way at the end of the article: "Because the information didn't include Social Security, credit-card or driver's-license numbers, no U.S. laws require iBill or the companies for which they provided billing to warn victims."
Who is General Failure? And why is he reading my disk????
Um, anytime I buy something "questionable" or from a questionable source, I use a one time credit card number. I know MBNA has this. You set a dollar amount for the number, as well an expiry date. It is great for sites with auto renewing subscriptions. I use them all the time for 3 day 1.99 trials. I set the card limit at 2.50, use the number, and then forget about it. When they try and charge me, they get nothing but an expired card.
My understanding is that most identity theft is still done the old fashion way- with garbage diving etc. When I was in college, I bartended. I could have easily written down every credit card number that was handed to me....
But clearly this is more of a privacy issue. Even if nothing is stolen from me, I would prefer that my name not be associated with porn purchases. But then again, who am I kidding, everyone that meets me just assumes I am into porn. I guess it is my vibe.
And All I Ask is a Tall Ship And a Star to Steer Her By
You can actually download this 214mb list of information here:
http://5sec.us/Ibill_1m.txt
I don't know why you'd want it, maybe you can use the passwords or something. But there it is anyway.
Big ones, small ones, some as big as yer 'ead!
Give 'em a twist, a flick o' the wrist...
Livejournal, for example, was offering payment through iBill during the time covered by the leak (run that link through Archive.org if you care to verify, /. filters the part following the asterisk).
No, but they did do credit card processing for sites featuring under-18 models doing "non-nude" work. Within the past couple of weeks, a group of those sites got busted and the FBI has announced intentions to prosecute them for selling child porn even though the models were clothed. (It seems the clothes were too small and/or the poses too racy.) Note that I don't know if any of the recently busted sites were using iBill and the point may already be moot since iBill has been defunct or close to it for a while.
However, according to TFA
I have to figure if logins and passwords are there, then the websites accessible via those logins might also be in the data. If so, I imagine that at this moment a whole bunch of guys are pretty worried.