Another day, another hacking incident. Close to 800,000 of the Brazzers porn networking site accounts have been hacked in a data breach. The data is said to have been extracted from a separate forum for the company, but users of the porn network who have never signed up for the forum might still see themselves in the data dump.
News site, Motherboard, is said to have been given the data by the breach monitoring site, Vigilante.pw. The site was given the data for verification purposes. The hacked data contains 790,724 unique email addresses, which contain user names and some plaintext passwords.
There are 928,072 entries in the whole set, but most of them are duplicates. Security researcher and creator of Have I Been Pwnd? Website, Troy Hunt, helped to verify the dataset that was given after he contacted some of the subscribers who were listed on the dataset, who gave confirmation of their details.
One Brazzers account holder who spoke on anonymity said that it was unfortunate his information had been included in the breach, but he knew the risks when be opened up the account in the first place. Another user of the network who also had details included in the hacked set named John said that this was the very reason he had used a throwaway login/pass for his password.
Public relations manager from Brazzers, Matt Stevens said that the incident was also a match to another incident that happened 4 years ago with the ‘Brazzersforum’, which was under the management of a third party. He said that in the same case now, the problem was as a result of a problem with the third party’s software, the vBulletin, not the Brazzers itself.
But, all being said, since account details of Brazzers users were shared between Brazzers and the Brazzerforum for easy access, some of the account details of users were exposed, but the company has already taken protective measures, he said. Of a truth, the two Brazzers users who spoke for confirmation also confirmed that they had not used the Brazzerforum.
The forum makes use of a separate URL from the main site, and is used by users to discuss porn scenes and porn stars on the Brazzers network. They also used the forum to request new scenarios they would love to see in future Brazzers videos. Brazzers forum page was showing under maintenance notification earlier, and was unavailable to users.
Stevens also said that people had to note that the data given had so many duplicates and also contained some non-functional accounts. All nom-active accounts in the list have been banned therefore, just in case some other people want to use the username, Stevens said. He added that the network took the privacy and online safety of its users very serious.
However, Hunt noted that the affiliation of the data to a forum site made it even more sensitive than it were if it had been on the main network site. He said that if the breach had been on the adult network, then you would be certain that it’s because the person wants to see adult films but it does not tell you much about them. When they start commenting on forums however, you can see their personal thoughts and intimate thoughts.
Forum breaches also include private messages in most of the cases, therefore forum breaches are more revealing. He also noted that there had been an increase in the breach of the vBulletin software because the software was being left unattended to and unloved. There have been vulnerabilities, and patches have been issued but there are still some flaws which will lead to exploits always, he said.