Hackers have accessed the search history and viewing habits of premium users of Pornhub, one of the world’s most popular pornography websites.
A gang has reportedly accessed more than 200m data records, including premium members’ email addresses, search and viewing activities and locations. Pornhub is a heavily used site and says it has more than 100m daily visits globally.
The hack was reportedly carried out by a western-based group called ShinyHunters, according to the website BleepingComputer, which first reported the hack. The site reported that the data included premium members’ email addresses, search and viewing activity and location. The data consists of 201m records related to premium members.
The website added that the Canadian-owned Pornhub had received an extortion demand from ShinyHunters about the hack. The Reuters news agency on Wednesday also claimed to have spoken to a ShinyHunters member in an online chat who was demanding a payment in bitcoin to prevent the publication of data and delete it.
Pornhub said in a statement on its website that premium users had been affected by an attack on Mixpanel, a company that had provided data analytics to the publisher. Pornhub said a “select” number of users had been affected and that it had stopped working with Mixpanel in 2021, indicating the data is not recent.
“It is important to note this was not a breach of Pornhub Premium’s systems. Passwords, payment details and financial information remain secure and were not exposed,” said the pornography service.
Pornhub added that an “unauthorized party” had been able to extract a “limited set of analytics events for some users”. Other types of data taken include video URL, video name, keywords associated with the video, and the time the event occurred, according to BleepingComputer.
In a statement Mixpanel said it was “aware” of the alleged data theft but said it had found no indication that it was related to a cyber-attack on the business last month.
Sophos, a cybersecurity firm, told the Guardian it had seen no evidence of Pornhub data being released on so-called leak sites – part of a hacking group’s armoury for extracting payments – or in online chat platforms linked to the ShinyHunters group.
Sophos said the ShinyHunters group was generally comprised of native English speakers in their late teens to early 20s and was part of a broader community of cyber criminals dubbed The Com, short for The Community. The Com is the same community from which the English-language speaking Scattered Spider group emerged, and which has been strongly linked with hacks against M&S, the Co-op and Harrods.
Pornhub and Mixpanel have been approached for comment.
