Nearly 800,000 accounts for popular porn site Brazzers have been exposed in a data breach. Although the data originated from the company's separate forum, Brazzers users who never signed up to the forum may also find their details included in the dump.
Motherboard was provided the dataset by breach monitoring site Vigilante.pw for verification purposes. The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.)
[.....]
Hunt said that, because some of the accounts were related to a forum, that arguably made the data even more sensitive than just a normal porn site account.
“When it’s solely membership of an adult website, you know the person has an interest in adult material, which, whilst potentially embarrassing, tells you very little about them. Once they’re commenting within a forum though, now you have very personal information about their intimate thoughts. We also know that forum breaches frequently include not just user credentials, but private messages as well, and those can be particularly revealing,” he wrote in an email. Hunt added the data to Have I Been Pwned? on Monday.
“We’ve seen a real spate of vBulletin breaches where the software had been left pretty much unattended and unloved,” he added. “Vulnerabilities have been found and patches have been issued yet the admins have maintained the product and very well-known, easily exploited vulnerabilities have led to breaches like this one.”
