Former OnlyFans employees allegedly retained access to sensitive user data after leaving company: report

A new report claims that former employees of online platform OnlyFans retained access to sensitive data from some users long after leaving the company.

A former employee spoke to VICE and revealed that ex-employees retained access to Zendesk, which OnlyFans used to log and respond to customer support tickets.

The employee, who remained anonymous out of fear of retaliation, showed VICE his or her ability to access Zendesk.

"It's a shame that they have this large company and feel they can play with people's lives like this," the former employee said. "There are already so many things they are in trouble for and privacy should not be one of them. Everyone on that platform, especially sex workers, need to have their information be safe and it isn't."

The OnlyFans privacy policy states that the company and its subsidiaries "respect your privacy and are committed to protecting the personal data we hold about you."

However, the data that the former employee claimed to access included a range of information, including credit card numbers, drivers’ licenses and passports, since support tickets can cover any number of issues with a user experience.

The user data covers both subscribers and models, since models submit such information to verify their identities.

Porn sites have previously suffered significant data breaches and face increased scrutiny over their practices following a concerning report over Pornhub’s lack of oversight regarding content on its website.

A report by The New York Times in December 2020 claimed that the site’s videos often contained scenes of rape, revenge porn and content taken without consent. The platform responded by removing the majority of its content – any video that was unverified – to prevent an exodus of support from companies like Paypal, Visa and Mastercard.