"Hilariously insecure": Andrew Tate's The Real World breached, 800,000 users affected (malwarebytes)

Disclaimer: this was distributed through newsletter and blog by the software company Malwarebytes. Also reported by more usual outlets, but mostly business-related or -run.


Posted: November 25, 2024 by Pieter Arntz

Andrew Tate’s online education platform The Real World—formerly known as Hustlers University—has been hacked and user data has been stolen.

Hacktivists flooded the primary chatroom with emojis as proof that they had breached the site. After this they shared approximately 794,000 usernames of, allegedly, the site’s current and former members with the Daily Dot and journalism collective DDoSecrets.

The stolen chat logs originated from the platform’s 221 public and 395 private chat servers. Included in the data are 794,000 usernames for current and former members, and 324,382 unique email addresses that appear to belong to users who were removed from the main database after they stopped paying their subscriptions.

It’s not clear if this set of email addresses came from a less secure environment or whether the hacktivists just stumbled over those first. A source close to the hacktivists say the platform’s security is “hilariously insecure.”
***
more: https://www.malwarebytes.com/blog/news/2024/11/hilariously-insecure-andrew-tates-the-real-world-breached-800000-users-affected?



(not exactly LBN, but I thought some might enjoy a dose of schadenfreude)