The notorious hacking collective known as ShinyHunters has taken responsibility for a significant data breach involving premium subscribers of the adult entertainment giant, Pornhub. The group is now threatening to publicly release the stolen information unless their demands for a ransom payment in Bitcoin are met.
Scope of the Breach and Ransom Demand
According to a report by BleepingComputer, the data pertaining to Pornhub's paying customers was allegedly stolen during a recent breach at Mixpanel, a third-party data analytics company. ShinyHunters has claimed possession of a massive 94GB of data containing over 200 million records. Specifically, the group confirmed to BleepingComputer that the data consists of 201,211,943 records detailing the historical search, watch, and download activity of Pornhub Premium users.
In a communication with Reuters, to whom they also sent a sample of the data, ShinyHunters stated, “We’re demanding a ransom payment in Bitcoin to prevent the publication of [Pornhub] data and delete the data.” The news agency has partially confirmed the authenticity of the data sample provided.
Conflicting Claims and Company Responses
Mixpanel, however, has firmly denied any involvement in this specific leak. The company told Reuters, “We are confident Pornhub was not among those clients and that this data is unrelated to the November incident.” This statement directly contradicts the hackers' claims about the source of the breach.
Pornhub, which boasts over 100 million daily visitors and 36 billion yearly visits, acknowledged the incident in a security post. The company confirmed that data from a third-party analytics provider led to a cybersecurity incident impacting some Premium users. Pornhub emphasized that this was not a breach of its own internal systems.
The platform stated, “No passwords, credentials, payment details or government IDs were compromised or exposed and we have since secured the affected account and stopped the unauthorized access.” Pornhub added that it launched an internal investigation upon learning of the incident and is engaging with relevant authorities and Mixpanel to determine the full nature and scope of the breach.
Extortion Campaign and Wider Implications
The BleepingComputer report reveals that ShinyHunters began extorting Mixpanel customers last week by sending them threatening emails. These emails, starting with "We are ShinyHunters," warned that their stolen data would be published if ransom demands were not fulfilled. This incident highlights the severe risks associated with data aggregation by third-party service providers and the growing trend of cybercriminals targeting such vendors to access information from multiple companies at once.
For the millions of users of one of the internet's most popular sites, the breach exposes sensitive viewing habits, even if critical financial data remains secure. The situation remains fluid as investigations continue and the threat of data publication by ShinyHunters looms.
