Hackers Access Pornhub Premium Users' Viewing Habits and Search History

A significant data breach has compromised the privacy of Pornhub's premium users, exposing their search histories and viewing habits.

The breach, reportedly executed by the western-based hacking group ShinyHunters, involved the unauthorized access of over 200 million data records.

These records include premium members’ email addresses, search and viewing activities, video URLs, video names, associated keywords, and location data.

Pornhub, a Canadian-owned website with over 100 million daily visits globally, confirmed that the attack targeted Mixpanel, a third-party data analytics company that had previously worked with Pornhub.

Importantly, Pornhub stated that the breach did not affect its own systems, and sensitive information such as passwords, payment details, and financial data remained secure.

The data accessed appears to be from before 2021, as Pornhub ceased its relationship with Mixpanel that year.

Following the breach, ShinyHunters reportedly issued an extortion demand to Pornhub, seeking payment in bitcoin to prevent the publication and to delete the stolen data.

Despite these claims, cybersecurity firm Sophos has found no evidence of the data being leaked on public hacking forums or leak sites commonly used for extortion.

ShinyHunters is known to be part of a larger cybercriminal community called The Com, which has been linked to previous high-profile hacks against major retailers.

Mixpanel acknowledged awareness of the alleged data theft but denied any recent cyber-attack on its systems.

The incident highlights ongoing risks associated with third-party data analytics providers and underscores the importance of securing user data beyond primary service platforms.

Pornhub and Mixpanel have been contacted for further comment on the situation.