Porn site user data leaked via vBulletin vulnerability

800,000 members of Brazzers site were revealed following data breach

The detail of more than 800,000 members of porn site Brazzers have been released into the wild following a data breach using a vulnerability in the vBulletin forum software used by the website.

Brazzers said it had "taken measures" to stop people being able to use the information stolen to re-login to the forum.

The details of the breach were sent to news site Motherboard, which said it was sent the data by breach monitoring site Vigilante.pw "for verification purposes". In total, it includes the email addresses of 790,724 unique email addresses, although the dump contains 928,072 entries, many of which are duplicates.

Security researcher Troy Hunt spoke to Motherboard about the breach, after he was asked to help ascertain whether the entries were genuine users. He confirmed some of the members of his site, Have I been pwned said that their correct details were listed on the database.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"Problem with a hack like that is it's a forum," he said. "Worse than just adult website creds, this is what people were talking and fantasising about."

Some of Brazzers' users however, said they had used a spare email address to safeguard themselves should a breach happen.

"I used throwaway login/pass for this very reason," said one user, while another commented: ""It's unfortunate that my information was included in the breach, but that's the risk you run making an account anywhere on the web."

Brazzers' forums are a place where users can discuss their favourite scenes and actors in the porn industry, but it's not clear whether the criminals were able to access the conversations or just the login details.

Users are being urged to change their usernames and passwords for both the forum and other sites they use the same information for.

Brazzers commented: "This matches an incident which occurred in 2012 with our 'Brazzersforum,' which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the 'vBulletin' software, and not Brazzers itself.

Advertisement - Article continues below

"That being said, users' accounts were shared between Brazzers and the 'Brazzersforum' which was created for user convenience. That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users."

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/microsoft-windows/354789/microsoft-pulls-disastrous-windows-10-security-update
Microsoft Windows

Microsoft pulls disastrous Windows 10 security update

17 Feb 2020
Visit/mobile/28299/how-to-use-chromecast-without-wi-fi
Mobile

How to use Chromecast without Wi-Fi

5 Feb 2020
Visit/business/business-operations/354790/hp-shareholders-invited-to-come-dine-with-xerox
Business operations

HP shareholders invited to come dine with Xerox

17 Feb 2020
Visit/operating-systems/27717/how-to-fix-a-stuck-windows-10-update
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020