Cyber Incident Victim: MeetMeInYourCity.com

On July 18, 2015, cybersecurity monitoring revealed a data dump attributed to the hacktivist known as @ElSurveillance, exposing approximately 2,500 user credentials from MeetMeInYourCity.com. The compromised data included email addresses paired with clear-text passwords, contradicting the website’s stated security practices of encrypting passwords and protecting sensitive information from unauthorized access. MeetMeInYourCity.com, an online directory for adult entertainment service providers, had explicitly assured users in its Terms & Conditions that confidential passwords were encrypted. DataBreaches.net notified the website about the alleged breach but received no response prior to initial publication. The attacker publicly shared evidence of server access through a screencap to validate the breach’s authenticity.

@ElSurveillance claimed responsibility for the intrusion as part of a broader campaign targeting escort-related platforms, citing ideological opposition to the industry’s societal impact. Zone-H archives documented multiple defacements by the same actor featuring messages criticizing escort agencies and encouraging visitors to reflect on their actions. The hacktivist’s standard defacement text included religious references and instructions to review server logs containing visitor IP addresses. While the website administrators remained unresponsive to media inquiries, the exposure of unencrypted credentials prompted security advisories urging affected users to change passwords on MeetMeInYourCity.com and any other platforms where credentials were reused. The incident highlighted operational security failures in password storage practices despite contractual assurances of data protection.