The hacking group known as Scattered Lapsus$ Hunters has claimed it is attempting to extort Pornhub after alleging it obtained personal data belonging to the site’s premium users, following a previously disclosed breach at analytics provider Mixpanel.
Pornhub Confirms Exposure Linked to Mixpanel
Pornhub confirmed on Friday that it was among several companies affected by a breach at Mixpanel, a widely used web and mobile analytics service. The company said the incident exposed unspecified “analytics events” related to some Pornhub Premium users.
Pornhub did not disclose how many users were affected. A spokesperson referred TechCrunch to the company’s published statement and did not answer further questions.
Sample Data Shows User Activity Details
On Monday, Bleeping Computer reported it had reviewed a sample of the stolen data. According to the report, the information included registered email addresses, user locations, activity types such as videos and channels viewed, video names and URLs, associated keywords, and timestamps showing when activity occurred.
Hackers Say Pornhub Is Extortion Target
A spokesperson for the ShinyHunters gang, which is part of the Scattered Lapsus$ Hunters coalition, told TechCrunch that an extortion email had been sent only to Pornhub so far. The hackers declined to say how many other companies affected by the Mixpanel breach were being targeted.
Mixpanel Breach Disclosed in November
Mixpanel revealed shortly before the U.S. Thanksgiving holiday that it discovered a breach on November 8 affecting its corporate customers. The company did not initially name the affected customers or detail the impact.
OpenAI later confirmed it was among those affected, along with CoinTracker and SwissBorg. Mixpanel chief executive Jen Taylor did not respond to TechCrunch’s request for comment.
Scope of Data Depends on Customer Settings
Mixpanel lists around 8,000 customers on its website, with each customer potentially having millions of end users. The type of data exposed varies based on how customers configure Mixpanel’s tracking features.
Companies typically use Mixpanel to monitor user behavior on websites and apps, such as clicks, views, and interactions. The service can also collect device-related information, including screen size, network connection type, and mobile carrier.
Broader Impact and Related Disclosures
Scattered Lapsus$ Hunters is a group of primarily English-speaking hackers believed to operate from Western countries. The coalition has been linked to several major breaches this year, including attacks affecting Salesforce and Gainsight customers across hundreds of companies.
Also on Friday, SoundCloud said about 20% of its users were affected by “unauthorized activity in an ancillary service dashboard,” which the company indicated likely referred to Mixpanel. SoundCloud said the exposed data included email addresses and information already visible on public user profiles.
Featured image credits: Wikimedia Commons
For more stories like it, click the +Follow button at the top of this page to follow us.