MindGeek/List of MindGeek data breaches
< MindGeekSeveral pornographic labels under MindGeek suffered data breaches in the recent years.
2012 - 1 million YouPorn users exposed
The email addresses and passwords of more than a million users of the YouPorn[1] sex chat site were exposed in February 2012 following a coding error that went undetected for years.[2]
YouPorn was not hacked but sign-up information on a public facing web server was left unencrypted.
The affected site - chat.youporn.com - was taken down on Tuesday, 21 February.
2015 - RedTube hit with mass malware-serving campaign
RedTube became the second major adult site[3] to be hit with a massive malware-serving campaign in February 2015.
the attack on site visitors uses the source code of RedTube’s main page. The source code was modified to include a hidden piece of redirection code. That in turn leads to the kit which exploits the user’s browser and will attempt to drop malware.
2015 - Series of malware advertising attacks hit Pornhub and YouPorn
Several malwaretising attacks[4] against many top adult sites resulted in attacks on YouPorn and Pornhub in September 2015. The malvertising on Pornhub and YouPorn did not last as long.
2016 - Brazzers leaks account details for 800,000 (paid!) users
"Almost 800,000 account holders on porn site Brazzers have had their details breached thanks to a vulnerability in the vBulletin forum software, potentially exposing some to online extortion attempts."[5]
The data breach was reported on in September 2016[6]. It appears to have come from a cyber-attack launched back in 2013.
2017 - Year-long malvertising campaign against Pornhub
Security company Proofpoint reported that a hacking group called KovCoreG group placed its malvertising badness on Pornhub[7] that could have put millions of users at risk.
Proofpoint said that the attack was active for more than a year.
"This attack chain exposed millions of potential victims in the US, Canada, the UK, and Australia, leveraging slight variations on a fake browser update scheme that worked on all three major Windows web browsers. "
References
- ↑ YouPorn users exposed in 2012
- ↑ The data from this leak has been imported into Troy Hunt's "Have I Been Pwned?" tool. When an email address is searched on the site, it will indicate whether the address in question was part of this data breach.
- ↑ RedTubehit by a malware campaign in 2015
- ↑ Malwaretising attacks on Pornhub and YouPorn in 2015
- ↑ Also available in the "Have I Been Pwned?" database.
- ↑ Data Breach on Brazzers in 2016
- ↑ Malwaretising attack on Pornhub in 2017