Security researcher Jeremiah Fowler has uncovered a major non-password-protected database belonging to Fatal Model, one of Brazil’s largest escort services.
Fowler attributed the breach to an exposed cloud database where he also found access keys and storage information of the escort agency’s AWS storage account.
He said the database contained a “massive amount of information” including images of escorts, internal files and source code for the Fatal Model application.
“I originally discovered an exposed cloud database that contained log records with references to Fatal Model, a website that claims to be the largest escort service in Brazil,” Fowler said. “The logging records revealed data related to both clients and escorts, including email addresses, account details, and device information.”
Here’s a breakdown of the exposed data:
In his report, Fowler noted that the database was closed to the public on the very day he made the discovery.
“The logging database was closed to public access the same day I discovered it, while the AWS database remained open until I sent a responsible disclosure notice,” Fowler explained. “Later on, I received a reply from Fatal Model letting me know that the logging database was secured, yet the AWS bucket contained publicly available data. The technology team from Fatal Model was very professional and acted fast on securing the database.”
As with any database left wide open online, there's no telling whether malicious individuals also accessed or copied the exposed data before the company secured it (an internal forensic assessment by the company could help identify whether the data was viewed or exfiltrated by others).
This breach could hypothetically pose a serious risk to both escorts and clients. Using personally identifiable info, images and other exposed data, cybercrooks or other threat actors could attempt to extort/blackmail users and ruin their reputations by publicly exposing the sensitive info.
“Another risk is that exposed development files could allow cybercriminals to inject malicious code into the leaked files or replace them with compromised versions,” Fowler said. “This could allow the distribution of malware, viruses, or other malicious scripts when users download the compromised files. It could happen unknowingly to both users and the developers of Fatal Models.”
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.