Porn site user data leaked via vBulletin vulnerability

800,000 members of Brazzers site were revealed following data breach

The detail of more than 800,000 members of porn site Brazzers have been released into the wild following a data breach using a vulnerability in the vBulletin forum software used by the website.

Brazzers said it had "taken measures" to stop people being able to use the information stolen to re-login to the forum.

The details of the breach were sent to news site Motherboard, which said it was sent the data by breach monitoring site Vigilante.pw "for verification purposes". In total, it includes the email addresses of 790,724 unique email addresses, although the dump contains 928,072 entries, many of which are duplicates.

Security researcher Troy Hunt spoke to Motherboard about the breach, after he was asked to help ascertain whether the entries were genuine users. He confirmed some of the members of his site, Have I been pwned said that their correct details were listed on the database.

Advertisement
Advertisement - Article continues below

"Problem with a hack like that is it's a forum," he said. "Worse than just adult website creds, this is what people were talking and fantasising about."

Some of Brazzers' users however, said they had used a spare email address to safeguard themselves should a breach happen.

"I used throwaway login/pass for this very reason," said one user, while another commented: ""It's unfortunate that my information was included in the breach, but that's the risk you run making an account anywhere on the web."

Brazzers' forums are a place where users can discuss their favourite scenes and actors in the porn industry, but it's not clear whether the criminals were able to access the conversations or just the login details.

Users are being urged to change their usernames and passwords for both the forum and other sites they use the same information for.

Brazzers commented: "This matches an incident which occurred in 2012 with our 'Brazzersforum,' which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the 'vBulletin' software, and not Brazzers itself.

"That being said, users' accounts were shared between Brazzers and the 'Brazzersforum' which was created for user convenience. That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users."

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

4 Nov 2019
Visit/domain-name-system-dns/34842/microsoft-embraces-dns-over-https-to-secure-the-web
Domain Name System (DNS)

Microsoft embraces DNS over HTTPS to secure the web

19 Nov 2019
Visit/strategy/28115/the-pros-and-cons-of-net-neutrality
Business strategy

The pros and cons of net neutrality

4 Nov 2019
Visit/social-media/34844/can-wikipedia-founders-social-network-really-challenge-facebook
social media

Can Wikipedia founder's social network really challenge Facebook?

19 Nov 2019