Thousands of porn stars' intimate details 'exposed online' Published duration 15 January

image copyright vpnMentor image caption A Brazilian ID card with a fingerprint

Cyber-security researchers claim that highly sensitive personal details about thousands of porn stars have been exposed online by an adult website.

They told BBC News they had found an open folder on PussyCash's Amazon web server that contained 875,000 files.

The live webcam porn network, which owns the brand ImLive and other adult websites, said there was no evidence anyone else had accessed the folder.

And it had it removed public access as soon as it had been told of the leak.

The researchers are from vpnMentor, which is a VPN comparison site.

"Privacy and the protection of user data is a top priority and concern for us," PussyCash said.

"For this reason, we acted promptly and removed public access to the open folder as soon as vpnMentor alerted us to this fact."

'Public humiliation'

But vpnMentor said in a blog anyone with the right link could have accessed 19.95GB of data dating back over 15 years as well as from the past few weeks, including contracts revealing more than 4,000 models':

full name

address

social-security number

date of birth

phone number

height

weight

hips, bust and waist measurements

piercings

tattoos

scars

The files also revealed scans or photographs of their:

passport

driving licence

credit card

birth certificate

And the folder also contained:

videos

marketing materials

photographs

clips and screenshots of video chats

The models were mainly from North America but also from Latin America, the Czech Republic and Hungary, vpnMentor said.

And the leak represented a potentially "severe threat" of identity theft, scams, public humiliation, blackmail, extortion, stalking, job loss, and embarrassment that could "could very well ruin" their lives.

"This is really alarming," said David Emm, a senior security researcher at Kaspersky Lab. "There's a lot of very sensitive information involved, leaving the people affected by it open to a combination of ID theft and extortion.

"It could also leave people feeling the way you do when a burglar has forced entry to your home and you know they've been through intimate aspects of your life."

This is the latest incident where a company has failed to protect data on a server properly.