Data breach had exposed the names of about 800000 registered users of famous porn site Brazzers. The details of the accounts have been taken from the associated forums with the site on which fans of this porn site discuss favourite performers and scenes.
It is expected that the attackers have stolen the data by taking advantage from exposing in the vBulletin software which runs chat forum. Brazzers said it had taken steps to limit the fraudulent use of login names, and Brazzers forum is taken down for maintenance.
The data was collected from the Brazzers forum site which was set up for users. The data was stolen back in 2013 and has come to light now.
The information of the Brazzers users has first spotted data breach-monitoring site vigilante.pw which monitors data breach. The dump of data includes usernames, email addresses, and clear text passwords.
Security researcher Troy Hunt confirmed the data was accurate by checking few details through the stolen database credentials he maintains.
“The release of the data was potentially more embarrassing than just knowing someone was a member of a porn site because it exposed users’ conversations. The problem with a hack like that is it’s a forum, Worse than just adult website creds, and this is what people were talking and fantasizing about.” Says, Troy Hunt.
Brazzers confirmed that the data breach occurred through the vBulletin software which keeps the forum running. Hackers widely used the software was not kept up more frequently up to date by forum administrators. Many recent breachers all had been all traced back to vBulletin.
“Floating around the internet now are the email addresses, usernames, and passwords of close to 800000 online porn fans,” says, Graham Cluley, Cybersecurity Commentator.
Brazzers reported that it had taken “corrective measures” to stop credentials being re-used and protect users.