Current threat status and a transparent history of security incidents on RateMyBody.net
All-time flagged events by severity — every one blocked, zero breaches.
We believe in being upfront with our community. This page reflects our real-time threat level and gives a plain-language summary of notable security events — what happened, what we did about it, and how it affects you (spoiler: it usually doesn't, because your data stays safe). We intentionally keep technical specifics about our defenses light — enough to reassure you, not enough to help anyone trying to test them.
The threat meter above updates automatically based on real security monitoring, and can be adjusted by our security team during active incidents.
The attacker resumed their automated SQL injection campaign on July 17th, sending an additional ~65,000 attempts throughout the day. As with Day 1, our defenses neutralized every single request before it reached the database. No data was accessed or modified. The attacker appears to have been testing persistence; they received the same result twice: complete failure.
Our systems detected and blocked approximately 65,000 automated SQL injection attempts targeting a comment endpoint over the course of several hours on July 16th. No data was accessed or modified — every request was neutralized before it reached the database. We used the event to review and tighten rate limiting across additional endpoints site-wide.
Hey there! 👋 Thanks for the 130,000 automated SQL injection attempts over two days. Really appreciate the dedication — but we gotta say, you absolutely suck at this. 😂
Every. Single. Attempt. Got logged. You weren't subtle, you weren't clever, you were just loud — kind of like knocking on a locked door for hours and wondering why nobody answers.
A tip for next time (there won't be one, but humor us): find a new hobby. This one isn't working out for you.
Final score: 0/10 🎮
RateMyBody.net's security architecture has successfully repelled every automated attack attempt to date, with zero successful breaches. We continuously monitor, log, and respond to suspicious activity, and we tighten things further whenever we learn something new. Your data is safe with us.
All underage content is immediately blocked from public access. Photos flagged as depicting individuals under 18 are removed from our platform and stored securely on our servers for 1 year, in compliance with updated child protection laws. This retention policy serves a critical purpose: preserving evidence for law enforcement and child safety authorities who may need to investigate child exploitation or safety concerns.
We maintain detailed logs of when content was flagged, by which detection method (AI, user reports, or manual review), and all associated metadata. This creates a complete audit trail that authorities can use for their investigations. After 1 year, underage content is permanently deleted unless law enforcement requests a longer retention period.
Our commitment to this policy reflects our belief that protecting children is more important than aggressive content growth — we refuse to compromise on child safety, ever.