Porn site user data leaked via vBulletin vulnerability

800,000 members of Brazzers site were revealed following data breach

The detail of more than 800,000 members of porn site Brazzers have been released into the wild following a data breach using a vulnerability in the vBulletin forum software used by the website.

Brazzers said it had "taken measures" to stop people being able to use the information stolen to re-login to the forum.

Advertisement - Article continues below

The details of the breach were sent to news site Motherboard, which said it was sent the data by breach monitoring site Vigilante.pw "for verification purposes". In total, it includes the email addresses of 790,724 unique email addresses, although the dump contains 928,072 entries, many of which are duplicates.

Security researcher Troy Hunt spoke to Motherboard about the breach, after he was asked to help ascertain whether the entries were genuine users. He confirmed some of the members of his site, Have I been pwned said that their correct details were listed on the database.

"Problem with a hack like that is it's a forum," he said. "Worse than just adult website creds, this is what people were talking and fantasising about."

Some of Brazzers' users however, said they had used a spare email address to safeguard themselves should a breach happen.

"I used throwaway login/pass for this very reason," said one user, while another commented: ""It's unfortunate that my information was included in the breach, but that's the risk you run making an account anywhere on the web."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Brazzers' forums are a place where users can discuss their favourite scenes and actors in the porn industry, but it's not clear whether the criminals were able to access the conversations or just the login details.

Users are being urged to change their usernames and passwords for both the forum and other sites they use the same information for.

Brazzers commented: "This matches an incident which occurred in 2012 with our 'Brazzersforum,' which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the 'vBulletin' software, and not Brazzers itself.

"That being said, users' accounts were shared between Brazzers and the 'Brazzersforum' which was created for user convenience. That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users."

Advertisement

Recommended

Visit/security/cyber-security/355185/165-million-britons-experienced-a-cyber-crime-in-the-past-year
cyber security

Report: 16.5 million Britons fell victim to cyber crime in the past year

1 Apr 2020
Visit/cloud/amazon-web-services-aws/355183/aws-launches-amazon-detective
Amazon Web Services (AWS)

AWS launches Amazon Detective for investigating security incidents

1 Apr 2020
Visit/security/privacy/355182/government-to-launch-coronavirus-contact-tracking-app
privacy

UK government to launch coronavirus 'contact tracking' app

1 Apr 2020
Visit/software/video-conferencing/355180/zoom-does-not-use-end-to-end-encrypted
video conferencing

Zoom admits meetings don't use end-to-end encryption

1 Apr 2020

Most Popular

Visit/security/cyber-security/355200/spacex-bans-the-use-of-zoom
cyber security

Elon Musk's SpaceX bans Zoom over security fears

2 Apr 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020