Several pornographic labels under MindGeek suffered data breaches in the recent years.
- 1 2012 - 1 million YouPorn users exposed
- 2 2015 - RedTube hit with mass malware-serving campaign
- 3 2015 - Series of malware advertising attacks hit Pornhub and YouPorn
- 4 2016 - Brazzers leaks account details for 800,000 (paid!) users
- 5 2017 - Year-long malvertising campaign against Pornhub
- 6 References
2012 - 1 million YouPorn users exposed
YouPorn was not hacked but sign-up information on a public facing web server was left unencrypted.
The affected site - chat.youporn.com - was taken down on Tuesday, 21 February.
2015 - RedTube hit with mass malware-serving campaign
RedTube became the second major adult site to be hit with a massive malware-serving campaign in February 2015.
the attack on site visitors uses the source code of RedTube’s main page. The source code was modified to include a hidden piece of redirection code. That in turn leads to the kit which exploits the user’s browser and will attempt to drop malware.
2015 - Series of malware advertising attacks hit Pornhub and YouPorn
Several malwaretising attacks against many top adult sites resulted in attacks on YouPorn and Pornhub in September 2015. The malvertising on Pornhub and YouPorn did not last as long.
2016 - Brazzers leaks account details for 800,000 (paid!) users
"Almost 800,000 account holders on porn site Brazzers have had their details breached thanks to a vulnerability in the vBulletin forum software, potentially exposing some to online extortion attempts."
The data breach was reported on in September 2016. It appears to have come from a cyber-attack launched back in 2013.
2017 - Year-long malvertising campaign against Pornhub
Security company Proofpoint reported that a hacking group called KovCoreG group placed its malvertising badness on Pornhub that could have put millions of users at risk.
Proofpoint said that the attack was active for more than a year.
"This attack chain exposed millions of potential victims in the US, Canada, the UK, and Australia, leveraging slight variations on a fake browser update scheme that worked on all three major Windows web browsers. "
- YouPorn users exposed in 2012
- The data from this leak has been imported into Troy Hunt's "Have I Been Pwned?" tool. When an email address is searched on the site, it will indicate whether the address in question was part of this data breach.
- RedTubehit by a malware campaign in 2015
- Malwaretising attacks on Pornhub and YouPorn in 2015
- Also available in the "Have I Been Pwned?" database.
- Data Breach on Brazzers in 2016
- Malwaretising attack on Pornhub in 2017