Brazzers porn forum hack exposes 800,000 user details

A spokesman for Brazzers said the hack 'matches an incident which occurred in 2012'iStock

Hundreds of thousands of users of a forum closely related to popular adult website Brazzers have been exposed in a data breach, with usernames and passwords exposed by hackers.

The leak, which was disclosed by a breach notification website called vigilante.pw, contained 790,724 email records in total, alongside forum usernames and even plain-text passwords. Like previous breaches at websites GTAGaming and Epic Games, the data leak has been blamed on security flaws in a piece of forum-building software called vBulletin.

The full dataset was verified in part by Australian cybersecurity researcher Troy Hunt and first reported by Vice Motherboard. Hunt manages a vital service called Have I Been Pwned which allows users to check if they are impacted in the leak.

Advertisement

The forum, at the time of writing, is offline and labelled as "under construction". When it is active and in use, it allows users to chat about porn films hosted on the Brazzers network and discuss both the clips and their actors and actresses.

Matt Stevens, a public relation manager at Brazzers, told Motherboard: "This matches an incident which occurred in 2012 with our Brazzersforum which was managed by a third party. Users' accounts were shared between Brazzers and the Brazzersforum which was created for user convenience.

"That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users. Note that the data provided contains many duplicates and non-functional accounts. We banned all non-active accounts in that list in case those usernames and passwords are reused in the future."

This is not the first hack from 2012 to have surfaced this year. Other major data dumps from big technology firms and websites have included LinkedIn, VK, Myspace and Dropbox. Each, unfortunately for users of the respective platforms, exposed millions of users.

According to cybersecurity commentator Graham Cluley, the hacking of a porn website raises the stakes when it comes to the real-world consequences of a data leak. "Floating around the internet now are the email addresses, usernames and passwords of close to 800,000 online porn fans," he wrote in a blog post.

"That's a goldmine for spammers wishing to promote other adult services or – more sinisterly – attempt to export money through blackmail threats.

"The claim that the stolen records date back to 2012 doesn't really negate that threat very much, as people seldom change their email addresses. It should go without saying that if you think you might be at risk you should ensure that you have changed your password on any site where you reused your Brazzers forum credentials."

Advertisement

© Copyright 2017 IBTimes Co., Ltd. All Rights Reserved.