A SPANISH brothel chain based in Barcelona and Valencia left its database exposed online with no password protection, an internet security expert has discovered.
It meant that anyone with a little tech knowledge could have accessed private information on escort girls, customer reviews and the organisation’s financial details. While customer details were not directly divulged, ‘customer reviews’ that were on the database included the email addresses of clients.
This information could potentially be used for blackmail purposes. Worst affected were the escorts used. Their real names, dates of birth, age, nationality, height, weight, chest size were included. Again, this meant they were potentially exposed to blackmail and other criminal activity.
The leaky server was found by Bob Diachenko of Security Discovery, which is based in the USA. He helps companies with unsecure servers. He approached the unnamed organisation, who thanked him and closed the security loophole the same day. There is no suggestion anyone actually accesed the data.
The affected company describes itself as an investment and holdings firm on its website but runs three ‘men’s clubs’, two in the city of Barcelona, and one in Valencia.
Prostitution is not illegal in Spain, but running brothels can be.