An SQL injection attack has led to a database filled with customer information for the site MyFreeCams being sold on a criminal forum. MyFreeCams is an adult video streaming and chat service with over ten million users. In total, the hacker claims to have obtained the account information of around two million users. The information that was accessed contains usernames, plain-text passwords, and email addresses. Having this information could allow for someone to extort the users for their on-site currency, also known as tokens, which can then be sold for a profit. The asking price for smaller pieces of the database when posted on January 14th was $1,500 in Bitcoin for 10,000 lines or records. This led to many users on the criminal forum asking for smaller portions of the database. CyberNews, which is responsible for breaking the news of the breach, stated that the seller’s crypto wallet had received 45 different payments, so it’s likely a significant percentage of the database has already been sold. MyFreeCams also confirmed to CyberNews that the database is legitimate. Customers of MyFreeCams have been notified and asked to change their passwords.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in