800,000 Brazzers Accounts Hacked Due to Shared Database

06/09/2016

About 800,000 accounts from the porn site Brazzers have been hacked and put up for sale on the deep web.

The dataset contains 928,072 individual records with 790,724 unique email addresses. There are also many usernames and passwords in plain text.

The dataset was first spotted by the data breach-monitoring site vigilante.pw. Many of the leaked accounts were actually duplicates or inactive.

Brazzers is an adult website, and Brazzersforum is its companion forum. On Brazzersforum, users can discuss videos, and porn stars can also request what scenarios should make it into upcoming videos.

While the website and the forum are separate, the two share the same database.

A Brazzers spokesperson confirmed that user account details are shared between the two for the convenience of users.

The hackers were targeting Brazzersforum, but because of the shared database, being able to hack into Brazzersforum meant that they were also able to access Brazzers' database.

Brazzersforum offline

Troy Hunt, a security researcher and creator of the website Have I Been Pwned?, helped verify the dataset by contacting subscribers to his site, who then confirmed a number of their details from the data.

"This matches an incident which occurred in 2012 with our 'Brazzersforum,' which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the 'vBulletin' software, and not Brazzers itself," explained Matt Stevens, PR manager at Brazzers.

At the time of writing, Brazzers has said that it has taken some corrective measures, while Brazzersforum has been taken down for maintenance and is unavailable to users.

"Note that the data provided contains many duplicates and non-functional accounts. We banned all non-active accounts in that list in case those usernames and passwords are re-used in the future," said Matt Stevens, public relations manager from Brazzers.

"Brazzers takes the privacy and safety of its users very seriously," he added.