When operators of sex-oriented Web sites gather at the Internext convention starting Sunday in Las Vegas, a major leak at a little New Jersey company is likely to be a big topic.
Freehold-based Too Much Media, which sells accounting software for adult Web sites, told its customers last month that a security breach on its computers allowed hackers to access various adult Web sites’ subscriber lists.
Keith Kimmel of Norman, Okla., who runs two Web sites that feature porn, said the breach has the potential to embarrass.
“Would you really want a record floating around the Internet that you subscribe to hardcore bondage?” he asked.
Indeed, it appears stolen personal and company information is being used to bombard subscribers, many of whom would rather not have their identities known, with junk e-mails advertising sexually explicit images from competitors. No credit information appears to have been stolen.
Company co-founder John Albright said someone stole addresses and passwords from Too Much Media’s computers that allowed them to log onto its customers’ porn Web sites as the webmasters and extract information about porn subscribers and the Web sites that refer them.
Too Much Media’s Next-Generation Administration and Tracking Software, known as NATS, tracks referrals to porn Web sites from other sites and calculates how much the affiliate sites are owed. The porn purveyors typically pay the affiliates a portion of their subscription revenue.
Using the e-mail addresses and passwords, the hackers — seeking customers for still other porn enterprises — sent around new waves of pornographic spam, Albright said.
Practically everyone with an e-mail address has to contend with unwanted e-mails from porn purveyors.
But industry experts say online porn customers are especially concerned about keeping their subscriptions private and would not want their actual patronage of porn sites revealed by means of individualized spam that a friend or family member might see.
Jim McAnally, who has published porn on the Internet since 1993, said he’d never heard about such a serious breach in the industry.
“There’s a loss, in my opinion, of user confidence,” said McAnally, of Atlanta, who owns six porn sites and uses the Too Much Media software.
McAnally said he expects lots of chatter at the Internext convention, which follows close on the heels of the Adult Entertainment Expo that ran from Wednesday through Saturday, in Las Vegas, about how to prevent such breaches in the future.
It’s been a big topic over the last few weeks on the online message board he runs for webmasters of adults sites.
Porn is one of the oldest businesses on the Internet. Countless adult sites offer video, photos and even cartoons dealing with sex.
Many of Too Much Media’s customers had security measures in place to block the invasion, Albright said. But he said the company no longer stores the e-mail addresses and passwords of its customers.
“The story’s been sensationalized,” Albright said. “It’s not like people are taking this information to go out there and say, ’John Smith bought a subscription to this Web site.’ It’s just used to market more porn Web sites.”
Corey Silverstein, a lawyer for MojoHost, a Farmington Hills, Mich., Web hosting company that counts porn sites among its clients, said 13 use the NATS software. All of them reported that their information had been accessed because of the breach at Too Much Media, he said.
“Thousands of individual accounts were wide open for anyone on the Internet to go in and take,” said Silverstein.
The addresses gathered by NATS customer Web sites may be especially valuable to porn companies. As more free porn sites pop up, fewer people are willing to subscribe to the paid ones, Silverstein said.
Silverstein said he expects the online porn world to tighten its security standards because of the Too Much Media problem.