It seems as if nothing is safe on the internet anymore these days. Not even privacy. Account holders of the popular adult website Brazzers learnt this the hard way.
Unidentified hackers targeted the website in an elaborate operation, releasing information belonging to 800,000 accounts. The word ‘jeopardised’ is an understatement to describe the situation.
The Incident At A Glance
The administrators claim that only a few have been affected by the attacks. But it’s anything but minimal.
Website Motherboard first received the breach from monitoring website Vigilante.pw. The mammoth amounts of data shocked even them. The leaked archives include 928,072 records and 790,724 unique email addresses. Not to forget millions of usernames and passwords.
Motherboard called upon expert Troy Hunt to confirm if the leaks were authentic. He cited that a number of their details from the data dump belonged to Brazzers users.
“This matches an incident which occurred in 2012 with our ‘Brazzersforum’. The incident occurred because of a vulnerability in the said third party software, the ‘vBulletin’ software, and not Brazzers itself.” according to Matt Stevens, a company spokesman.
Sources suggest that the Brazzers’ forum was created for user convenience and exported user information from the website to another URL. But it has come under much scrutiny from users due to the very same fact.
“It has resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users. Brazzers takes the privacy and safety of its users very seriously,” Stevens added.
Shockingly, users who didn’t even visit the Brazzers forum have become victims of online hacking.
The forum allows Brazzers users to discuss pornographic content or to post recommendations.
Brazzers’ forum uses the vBulletin. It’s one of the most widely used platforms for web forums. Old vBulletinversions are however affected by several vulnerabilities and weak spots. it is likely that hackers exploited one of them to steal the records.
What The Experts Say
The forum data was created for users. But it seems that those who signed up for the chat forums used the same details on the main website. The forums were under the control of a third party website
Mr Hunt said that the release of the data was highly embarrassing with the release of users’ conversations. The data was stolen in 2013 but came to everyone’s attention only now.
“Problem with a hack like that is it’s a forum,” he said. “Worse than just adult website creds, this is what people were talking and fantasising about.”
The identity of the hackers remains a mystery. Several sources point towards a vigilante section under the group Anonymous. As for the users, Brazzers has assured proper corrective measures. Hunt recommends users to use random information when registering with nothing personal.