And the hacker is asking a bizarrely low price for the data.
Prostitution is legal in the Netherlands, but that doesn’t mean every Dutch person who engages in sex work — or hires a sex worker — wants their identity revealed.
Now, many might not have a choice in the matter. A website used by Dutch sex workers and their customers to discuss experiences was just hacked — and the hacker is now trying to sell the stolen data on the dark web, according to Dutch broadcaster NOS.
On the Hook
NOS’s story claims that the hacker exploited a bug in the software that the site, Hookers.NL, uses to run its chat room. That bug allowed the hacker to obtain the e-mail addresses, user names, IP addresses, and encrypted passwords of the sites’ more than 250,000 users.
According to NOS, the hacker is now trying to sell the data on a dark web marketplace for what seems like a ludicrously low figure: $300.
Hookers.NL’s media spokesman Tom Lobermann told NOS that the sex worker website has already let all its account holders known about the incident. Unsurprisingly, the site is “not happy” about the breach.
The alleged hacker, meanwhile, seemed rather blasé about the whole situation in a conversation with NOS.
“It only concerns fewer than three hundred thousand users,” the pseudonymous cybercriminal told the broadcaster. “Tens of thousands of websites are hacked every day. I am not the devil. It is not a question of whether your website is hacked, but when.”
READ MORE: Sex workers’ clients exposed by Dutch hack attack [BBC News]
More on hacking: Criminals Hacked the “Sesame Street” Store, Stole Credit Card Info