A company that makes a chastity device for people with a penis that can be controlled by a partner over the internet exposed users’ email addresses, plaintext passwords, home addresses and IP addresses, and — in some cases — GPS coordinates, due to several flaws in its servers, according to a security researcher.
The researcher, who asked to remain anonymous because he wanted to separate his professional life from the kink-related work he does, said he gained access to a database containing records of more than 10,000 users, thanks to two vulnerabilities. The researcher said he exploited the bugs to see what data he could get access …
