350,000 users exposed by hardcore porn hack


A hacker, identified as a 17-year-old based in Morocco, claims to have stolen the personal information of 350,000 users from hardcore porn mavens Brazzers.

The point, claims the hacker, was to highlight a security vulnerability on the adult site.

According to reports, the teen uploaded a small sample of the stolen data to the internet, displaying customer emails, usernames and passwords, presumably to offer up proof that he was behind the breach.

Karen Miller, spokesperson for Brazzers' parent company Manwin Holding, reportedly said that the hacker accessed their websites via an old user forum. Investigations were ongoing.

Ms Miller also explained Manwin and Brazzers were contacting everyone who was potentially affected by the breach but underlined that no credit card information was stolen.

The Associated Press writes that this is a "potential embarrassment for Luxembourg-based Manwin, which runs some of the world's best-known pornography websites."

It is all very well to worry about the porn company's reputation, but what about the customers?! How do they feel knowing that their info, including names and emails, is either available for anyone to see or at risk of being posted at the hacker's whim?

The thing that gets me here is that if the hacker was genuinely concerned about the vulnerability on the site, why didn't he follow more responsible disclosure practices?

For instance, he could have called Brazzers, explained the situation and given them an agreed amount of time to fix the problem. Granted though, this wouldn't have gotten the headlines.

Another approach would have been to contact a single journalist and show him/her the vulnerability in action. This would have protected the site's customers much better and alerted us all once again to the vulnerabilities that exist on the web.

But there is a take-away for us all here - individuals and companies alike: Good housekeeping matters. Make sure to close down accounts and websites you no longer use. Leaving them unpatched, vulnerable and connected is just trouble waiting to happen.

Image courtesy of Shutterstock

17 Responses to 350,000 users exposed by hardcore porn hack

  1. The hacker is a kid. He has a childish mentality and wants to make a 'name' for himself. You are right with the responsible route, but with a childish individual of any age, that's not what's going to happen.

    I was expecting him to say that this is what one gets for visiting porn sites. Those sites do tend to be filled with viruses and malware. I've mistyped urls and hit porn sites that tried to download exe files in the background. Thankfully I'm on a Mac and the browser I was using alerted me to the download going on.

  2. Dennis Cox · 984 days ago

    It would have been hilarious if the kid had posted all the names of the perverts in the list.

    George Orwell said 'Big brother is watching'. So what? Everyone is!

    • Paul · 984 days ago

      Just because someone has a membership there, doesn't make him a pervert.

    • Richard · 984 days ago

      But how would he identify which ones were perverts? Or are you suggesting that they're all perverts for looking at porn?

  3. Machin Shin · 984 days ago

    "It is all very well to worry about the porn company's reputation"

    Am I the only one rolling on the floor laughing at this? I did not know you could hurt a porn company's reputation.

    • caroletheriault · 984 days ago

      I doubt *very* much that you are alone on this one Machin...

      • Egor · 984 days ago

        He's not alone. Since when do porn companies have a reputation? More crap is their reputation / people working for them, more success they get "in their world".

    • Simon · 983 days ago

      Umm . . . I think that's the point the author was making. Was it perhaps too subtle?

  4. Clint · 984 days ago

    A small small?

  5. VFAC · 984 days ago

    Promoting responsible hacker culture is difficult with this current fad of "doing it for the lulz".

  6. Very Funny · 984 days ago

    This article makes me laugh... wishing that the hacker would have handled the situation better... wishing he had been a bit more responsible and cared about divulging people's information... but ultimately forgetting that we're talking about a 17 YEAR OLD here!! hahaha! 17!!! Responsibility isn't usually part of a 17 year old's vocabulary, especially one who is a hacker and who is trying to prove to himself and to others that he was able to do what many can't... at the age of 17!!

  7. VFAC · 984 days ago

    As difficult as it is to avoid innuendo... An online pornography business should be serious about protecting its customers' privates.

    If the hacker community was firm in only lauding hackers that did the right thing then the 17 year old would have done something more responsible. As it is, the commonly accepted thing to do is to hack something then put some proof on pastebin or somewhere and gloat.

    I am not saying that the hacker community is entirely at fault here either; companies shooting the messenger with legal action don't help either. As it is, being 17, he has no legal right to view the material on the site, and sending an email with "I am a juvenile who has been penetration testing your servers and I found a vulnerability" isn't going to earn a kind response.

  8. Lisa Vaas · 983 days ago

    Maybe we should all just out ourselves as porn aficionados, list our favorite perv sites, steal the thunder from sweaty 17-year-olds, and take a day off to devote to drooling over our friends' and colleagues' viewing habits. Or maybe somebody should start a site like GoodReads, where we can see what our friends are up to.

    GoodSmut? GoodGracious?!

    GoodThingMyMotherDoesn'tUseTheInternet.

  9. Bedridden |Abdul Al Barten · 982 days ago

    Ethical hacking is important to a civil society.

    The publication of the names of significant public officials or politicians who use these sites is essential. The Public/private life balance is important but if we are shown smiling politicians patting children on the head, are we not entitled also to know what they like in the way of acts that may well be illegal in their own country?

    The 17 year old after all did not attempt to Blackmail anybody for an example system passwords, so I think his attitude was quite responsible.

  10. anon · 982 days ago

    "A hacker, identified as a 17-year-old...."

    Presumably the porn company thought that an entry page with the words "Are you over 18? YES / NO" was enough to keep out 17 year old hackers...


About the author

Hi. I am a social, brand and communications expert with 10 years in senior roles in the tech space. I'm currently Sophos's Global Director of Social Media and Communities. Proudest work achievement? Creating and launching award-winning Naked Security. Outside work, I am a mean cook, an avid reader, a chronic insomniac, a podcast obsessive and blogger.