Someone Leaked 4TB Worth Of OnlyFans' Private Performers Videos And Images To The Internet

29/02/2020

OnlyFans is a social media platform based in London, England. Through it, users can upload any kind of contents, including photos, creative writings, videos and so forth. OnlyFans users include physical fitness experts, musicians and others.

Launched in 2016, the platform has also become popular among models, online celebrities, as well as sex workers and porn performers. Through OnlyFans' content subscription service, content creators can earn money by posting their contents to fans that pay for the access.

This time, someone allegedly managed to steal and then leaked terabytes worth of OnlyFans' exclusive data, including PPV (pay-per-view) specials, pornographic and adult videos and photos.

According to one of the first that noticed the dump, Scottish journalist Vonny LeClerc said that she discovered links on the internet that point to a Mega cloud storage that leaks the files.

She said that the leak was disorganized, with the content was divided into several different folders. And it seems that the people behind it have been accessing them individually, and then later putting their collective findings into the collection for distribution, she concluded.

This is why the size of the leak fluctuated from time to time, ranging from about 1.5 terabytes to over 4 terabytes, as the files were added or deleted.

In total, the leak has an equivalent of around 3 million photos, or 750 hours worth of HD videos.

The breach represents the biggest file leak in the site's history.

Read: Online Sex Worker Earns $35,000 A Month After Receiving U.S. Army's Lusty Tweets

OnlyFans

With links to the massive directory were widely circulated on social media like Instagram and Twitter, as well as online forums like Reddit, OnlyFans' performers were concerned.

Because performers are allowed to monetize their content uploaded to OnlyFans, the breach means that the content creators may no longer profit from their work. And worse, it doesn't seem like there is anything they can do about it.

"This is paid for private content that we own," one OnlyFans performer said. "This is illegal and a violation of our rights."

Another performer on OnlyFans, said that leaks are actually common on adult platforms. And OnlyFans is no exception. The people who are affected the most, are the creators themselves, she implied. The loss of control over monetized content has the most obvious ramifications.

When Motherboard stepped in, it reported that it hasn't seen any evidence that users or models' personal information were actually exposed.

Instead, it suggested that the content being shared in the links are mostly images and videos of the models made during public or private shows, or custom-made clips.

What Motherboard is trying to say is that, rather than a "real" data breach, the case is more like what happens to sex workers every day on the internet: someone has stolen their content and re-shared it for free to the web, spreading it around online through both social platforms and forums devoted to ripping the performers' paid content.

In other words, the leak might not be a hack after all, but a result of OnlyFans paying members who acquired the photos and videos individually, and then shared them with others.

The photos and videos were then compiled into one large file for free.

While this may mean that OnlyFans hasn’t been breached, it shows that the platform’s distribution model has some security holes. Since users can take photos and videos from the site, it’s easy for those users to reupload and re-share them elsewhere later on the web, depriving the platform’s users of revenue.

Nevertheless, while it may not be considered technically as a breach or hack, or even a "leak," the case is still highly disconcerting, and potentially dangerous for the models involved.

Not only that the performers are deprived from their income, this kind of incident also left them violated and vulnerable.

While performers and models sensitive information or real name may not be exposed, reports suggested that some of the more explicit videos have names of the performers attached to them. What this means, anyone who gets their hands on the videos can potentially harass the performers on the web.

An early example was seen when internet trolls were victim-blaming affected OnlyFans' performers. They argue that the creators should not post explicit content if they are worried about them being shared.

And when using reverse people search, social media crawling, search engines and others like scraping tools and image recognition, fans can seek more of those performers' information, opening chances for harassment beyond the web to real-life.

According to Buzzfeed News which was able to directly access the files, OnlyFans' performers whose contents were stolen, include Instagram models, TikTok personalities and also porn stars.

There are also rumors circulating on the web that said the files contain child sex abuse imagery, malware, or both.

This can be true, as the original file has been re-shared multiple times by different internet users. What this means, some files that were present on the original leak may have been removed, or replaced.

Addressing the issue, OnlyFans claims that it wasn't hacked. Steve Pym, the company's head of marketing, said that:

"We have investigated claims of a site wide hack and found no evidence of any breach of our systems. The content contained in the supposed ‘leak’ seems to be curated from multiple sources, including other social media applications."

The company has assembled a team to investigate the copyright violation claims and piracy, and encourages users who feel that their content has been improperly used to contact it directly through email or its help center.

“OnlyFans takes content piracy very seriously and has a designated DMCA team that issue formal takedown notices against all reported copyright violations. This service is provided free to all of our creators,” a spokesperson said.

LeClerc has also done her part, by interacting with Troy Hunt on Twitter. But Hunt said that he may not be able to notify affected users via his HaveIBeenPwned service, because the leak only include media files and no username-password records.

"Lots of people who use [OnlyFans] rely on this as a revenue stream," LeClerc told BuzzFeed.

"Younger people, trans and nonbinary people, disabled people, people who may not have the easiest access to traditional employment. It gives anyone a means of making paywall-protected adult content. But clearly, it offers zero protection for creators, whose content can be bought and then freely distributed onwards."

OnlyFans is one of a shrinking number of platforms through which sex workers can earn their main source of income.

As far as the legitimacy of the data is concerned, buyers of the data have been giving positive reviews to the sellers/uploaders. It was said that people could buy the trove of data with Bitcoin or PayPal by spending only $5 to $12.

"Hello friends, today I bring you a large collection of 0nlyfans models. Here below I leave you some screenshots of what I have for now, and not only limited to that content since I will be uploading more models," states the listing.

Previously, PayPal ditched Pornhub, making it difficult for Pornhub’s Models program to get paid.