Hackers Dump 800,000 Brazzers Porn Site Accounts on the Dark Web

Rafia Shaikh
Posted Sep 5, 2016
16Shares
Share Tweet Submit

There just doesn’t seem to be an end to juicy data dumps, and this week it’s nearly 800,000 accounts from the popular porn site Brazzers.

Brazzers has been caught up in this year’s ongoing trend of massive data dumps as almost a million accounts have been exposed. The data originated from the company’s forum, but it seems likely that users who never signed up to the platform may be caught up in this latest breach. The data were sent to Motherboard by a breach monitoring website Vigilante.pw for verification. According to the publication, the dataset contains 928,072 individual records, with 790,724 unique email addresses, along with many usernames and plaintext passwords. Many of the entries were either duplicated or inactive accounts.

The company has taken the forum in question down for “maintenance” but there is no word on when it will be back up.

Brazzers data leak is more “revealing” than a normal porn site hack

The targeted forum allowed users to discuss scenes from porn films, chat about players and request specific scenarios for future films. Security researcher Troy Hunt said that this latest data dump is more sensitive than any other porn site breach as it could lead to private messages.

“When it’s solely membership of an adult website, you know the person has an interest in adult material, which, whilst potentially embarrassing, tells you very little about them. Once they’re commenting within a forum though, now you have very personal information about their intimate thoughts. We also know that forum breaches frequently include not just user credentials, but private messages as well, and those can be particularly revealing.”

Matt Stevens, public relations manager for Brazzers gave the following statement to Motherboard,

This matches an incident which occurred in 2012 with our ‘Brazzersforum,’ which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the ‘vBulletin’ software, and not Brazzers itself. That being said, users’ accounts were shared between Brazzers and the ‘Brazzersforum’ which was created for user convenience. That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users.”

Stevens statement clarifies that like many other recent breaches of LinkedIn, Dropbox and Last.fm, this data also hails back to a 2012 breach. Another hint of vBulletin being the reason for this breach points that the same hacking group might be responsible for these breaches and now data dumps. Vulnerabilities in the software have been previously used to get into Epic Games and Minecraft forums.

As always, you can confirm if your data is part of this dump at Hunt’s HaveIBeenPwned.com website.

Share Tweet Submit