Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adult Themed VR Game Leaks Data On Thousands (securityledger.com)

Posted by BeauHD on from the mature-audience dept.

chicksdaddy writes from The Security Ledger: Somebody deserves a spanking after personal information on thousands of users of an adult virtual reality game were exposed to security researchers in the UK by a balky application. Researchers at the firm Digital Interruption on Tuesday warned that an adult-themed virtual reality application, SinVR, exposes the names, email and other personal information via an insecure desktop application -- a potentially embarrassing security lapse. The company decided to go public with the information after being frustrated in multiple efforts to responsibly disclose the vulnerability to parent company inVR, Inc., Digital Interruption researcher and founder Jahmel Harris told The Security Ledger. Jahmel estimated that more than 19,000 records were leaked by the application, but did not have an exact count.

SinVR is a sex-themed virtual reality game that allows players to navigate in various adult-themed environments and interact with virtual characters in common pornographic themes including BDSM, cosplay, naughty teacher, and so on. The company discovered the data after reverse-engineering the SinVR desktop application and noticing a function named "downloadallcustomers." That function called a web service that returned thousands of SinVR customer records including email addresses, user names, computer PC names and so on. Passwords and credit card details were not part of the data dump, Harris said.

6 of 41 comments (clear)

  1. Naughty teacher? by 110010001000 · · Score: 2

    Is the naughty teacher theme the one where they teach Evolution?

    1. Re:Naughty teacher? by rmdingler · · Score: 2

      The rather obligatory teaching theme ought to be:

      If you enter your genuine personal information into a porn site's data base, you're taking a silly risk.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    2. Re:Naughty teacher? by Ol+Olsoc · · Score: 2

      Is the naughty teacher theme the one where they teach Evolution?

      No, it's the 35 year old female boinking her underage students.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    3. Re:Naughty teacher? by Ol+Olsoc · · Score: 2

      You're using a computer, so you must not be worried. Feel free to post your real name, address, date of birth, mother's maiden name, first pet, city of birth and last four of your social security number here.

      After all, there's nothing for you to be worried about, right?

      I'm always concerned. But the intertoobz is not a secure place, and was never designed to be a secure place. I have whatever protections there are, and don't worry about it that much. Just use good care.

      My point is that if a person wants to use masturbatory aids on the intertoobz, and would feel embarassed or worse if the knowledge that he or she is using those aids, they shouldn't use a service that requires personal info. It's just the same thing with people who want to do criminal acts. The intertoobz is the worst place to do that. Because even with encryption, they are drawing attention to themselves.

      It's like someone using a skywriting service to send encrypted messages. The powers that be might not know what is in those messages, but they can follow the plane, find where it lands, and have anice chat with the pilot, his boss, and eventually the people who paid for the encrypted can be found.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  2. Shocker! by demonlapin · · Score: 2

    Porn VR game has bad security? Who knew?

  3. Re:Why would it have data by GrumpySteen · · Score: 2

    Because it's profitable to harvest customer data and sell it. Duh.