If you have an account with EscortReviewscom, you may want to change your password immediately Bleeping Computer reports that a database containing information on over 472,000 site members has been posted online

The database includes usernames, e-mail addresses, IP addresses, and Yahoo, MSN, and Skype account names, all of which could be used to identify members (Members are not required to use their real names)

Account passwords were encrypted using the MD5 "hashing" algorithm; passwords hashed using MD5 can often be easily cracked and should be considered compromised Cracked passwords can be used to hijack accounts

EscortReviewscom is a user-driven online forum where escorts - ie, sex workers - in the United States and Mexico post information about themselves and customers write about the quality of their experiences with sex workers

The site is currently offline, but an archive of some pages is available at the Internet Archive's Wayback Machine

The most recent EscortReviews home page, cached in November, states, "Whether you are a male member looking for new friends or a new woman on the scene trying to network, make new friends or take advantage of our many opportunities to connect with others Regardless, we promise to have something for you"

Bleeping Computer noted that the site was using an older version of vBulletin forum software, which is known to have security flaws and has not been supported since 2017 It was not clear whether the site itself was compromised or whether online backups of the database were accessed

Needless to say, whether you are a sex worker or a customer, you do not want the information exposed by the EscortReviewscom data breach linked to your real identity We want you to not only use unique and strong passwords, but we want you to take precautions

If you are signing up for an account with a service that is of questionable legality, one that may cause you a lot of embarrassment, or in the case of many prostitutes, one that may put you in physical danger if your real name is revealed, you need to be proactive and cover your footprints need to be covered

Use a burner e-mail address that will not be used for other accounts Create a username that you have never used elsewhere (Many hackers committing online crimes have been caught for reusing usernames)

Do not connect your account to accounts on other services Use one of the best VPN services to hide your computer's IP address, but keep in mind that most consumer VPNs log user activity

We usually tell you to use one of the best password managers to keep all your passwords straight, but in this case it may not be a good idea Having an EscortReviewscom entry in your password vault could cause suspicion if a friend, roommate or spouse discovers it