Porn site user data leaked via vBulletin vulnerability
800,000 members of Brazzers site were revealed following data breach
The detail of more than 800,000 members of porn site Brazzers have been released into the wild following a data breach using a vulnerability in the vBulletin forum software used by the website.
Brazzers said it had "taken measures" to stop people being able to use the information stolen to re-login to the forum.
The details of the breach were sent to news site Motherboard, which said it was sent the data by breach monitoring site Vigilante.pw "for verification purposes". In total, it includes the email addresses of 790,724 unique email addresses, although the dump contains 928,072 entries, many of which are duplicates.
Security researcher Troy Hunt spoke to Motherboard about the breach, after he was asked to help ascertain whether the entries were genuine users. He confirmed some of the members of his site, Have I been pwned said that their correct details were listed on the database.
"Problem with a hack like that is it's a forum," he said. "Worse than just adult website creds, this is what people were talking and fantasising about."
Some of Brazzers' users however, said they had used a spare email address to safeguard themselves should a breach happen.
"I used throwaway login/pass for this very reason," said one user, while another commented: ""It's unfortunate that my information was included in the breach, but that's the risk you run making an account anywhere on the web."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Brazzers' forums are a place where users can discuss their favourite scenes and actors in the porn industry, but it's not clear whether the criminals were able to access the conversations or just the login details.
Users are being urged to change their usernames and passwords for both the forum and other sites they use the same information for.
Brazzers commented: "This matches an incident which occurred in 2012 with our 'Brazzersforum,' which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the 'vBulletin' software, and not Brazzers itself.
"That being said, users' accounts were shared between Brazzers and the 'Brazzersforum' which was created for user convenience. That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users."
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.