{"id":9238,"date":"2025-12-16T10:03:39","date_gmt":"2025-12-16T10:03:39","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/12\/16\/pornhub-breached-by-shinyhunters-group-and-premium-members-data-stolen\/"},"modified":"2025-12-16T10:03:39","modified_gmt":"2025-12-16T10:03:39","slug":"pornhub-breached-by-shinyhunters-group-and-premium-members-data-stolen","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/12\/16\/pornhub-breached-by-shinyhunters-group-and-premium-members-data-stolen\/","title":{"rendered":"PornHub Breached by ShinyHunters Group and Premium Members\u2019 Data Stolen"},"content":{"rendered":"<p>    PornHub Breached by ShinyHunters Group and Premium Members\u2019 Data Stolen<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>The notorious hacking collective ShinyHunters has claimed responsibility for a major <a href=\"https:\/\/cybersecuritynews.com\/openai-discloses-mixpanel-data-breach\/\" target=\"_blank\" rel=\"noreferrer noopener\">data breach at Mixpanel<\/a>, a popular analytics provider, exposing limited user data tied to Pornhub Premium accounts.<\/p>\n<p>The incident, which has only affected select Premium subscribers, has raised concerns within the cybersecurity community. Although Pornhub emphasizes that this was not a direct breach of its systems, the situation highlights the risks associated with third-party vendors managing sensitive analytics data.<\/p>\n<p>ShinyHunters, known for high-profile leaks such as the LinkedIn data dumps, publicly claimed responsibility for the Mixpanel breach on BreachForums.<\/p>\n<p>They advertised \u201cfresh Pornhub Premium user analytics\u201d among datasets from victims like Google and ChatGPT. Security researchers confirmed the group\u2019s post aligns with Mixpanel\u2019s internal notification to clients.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-pornhub-breached-by-shinyhunters\"><strong>PornHub Breached by ShinyHunters<\/strong><\/h2>\n<p>Pornhub\u2019s official statement clarifies the scope: the breach occurred entirely within Mixpanel\u2019s environment, involving a \u201climited set of analytics events\u201d for some Premium users.<\/p>\n<p>Crucially, no passwords, credentials, payment details, or government IDs were compromised. Pornhub ceased using Mixpanel in 2021, but legacy user-interaction data, such as session logs or behavioral metrics, may have been scraped.<\/p>\n<figure class=\"wp-block-table\">\n<table class=\"has-fixed-layout\">\n<thead>\n<tr>\n<th>Affected Data<\/th>\n<th>Status<\/th>\n<th>Risk Level<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Analytics events (e.g., session data)<\/td>\n<td>Exposed (limited users)<\/td>\n<td>Low<\/td>\n<\/tr>\n<tr>\n<td>Passwords\/credentials<\/td>\n<td>Not exposed<\/td>\n<td>None<\/td>\n<\/tr>\n<tr>\n<td>Payment\/financial info<\/td>\n<td>Not exposed<\/td>\n<td>None<\/td>\n<\/tr>\n<tr>\n<td>Government IDs<\/td>\n<td>Not exposed<\/td>\n<td>None<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p>Pornhub <a href=\"https:\/\/help.pornhub.com\/hc\/en-us\/articles\/47334442459283-Important-Message-From-Pornhub\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">launched<\/a> an internal probe immediately upon Mixpanel\u2019s alert, enlisting cybersecurity experts and coordinating with authorities. \u201cWe are working diligently to determine the nature and scope,\u201d the company stated, committing to \u201cbest practices in cybersecurity and international privacy standards.\u201d<\/p>\n<p>Users are urged to monitor accounts for phishing or odd activity. Enable multi-factor authentication (MFA) and scan for malware, experts advise. Pornhub reiterated: protecting its community remains the top priority.<\/p>\n<p>This event echoes supply-chain vulnerabilities seen in SolarWinds and MOVEit attacks. Mixpanel\u2019s breach highlights how dormant vendor ties can resurface risks years later. As ShinyHunters peddles the data, affected users should check <a href=\"https:\/\/cybersecuritynews.com\/have-i-been-pwned-likely-to-ban-resellers\/\" target=\"_blank\" rel=\"noreferrer noopener\">Have I Been Pwned<\/a> for updates.<\/p>\n<p>Avoid responding to phishing emails claiming to be from Pornhub. No password resets are required at this time, as login credentials were not affected.<\/p>\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 94%,rgb(169,184,195) 100%)\"><strong>Follow us on <a href=\"https:\/\/news.google.com\/publications\/CAAqMggKIixDQklTR3dnTWFoY0tGV041WW1WeWMyVmpkWEpwZEhsdVpYZHpMbU52YlNnQVAB?hl=en-IN&amp;gl=IN&amp;ceid=IN:en\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Google News<\/a>, <a href=\"https:\/\/www.linkedin.com\/company\/cybersecurity-news\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">LinkedIn<\/a>, and <a href=\"https:\/\/x.com\/cyber_press_org\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">X<\/a> for daily cybersecurity updates. <a href=\"https:\/\/cybersecuritynews.com\/contact-us\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Contact us<\/a> to feature your stories.<\/strong><\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/pornhub-breached\/\">PornHub Breached by ShinyHunters Group and Premium Members\u2019 Data Stolen<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Guru Baran<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/pornhub-breached\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>PornHub Breached by ShinyHunters Group and Premium Members\u2019 Data Stolen The notorious hacking collective ShinyHunters has claimed responsibility for a major data breach at Mixpanel, a popular analytics provider, exposing limited user data tied to Pornhub Premium accounts. The incident, which has only affected select Premium subscribers, has raised concerns within the cybersecurity community. Although [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,156],"tags":[130],"class_list":["post-9238","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-data-breach","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/9238"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=9238"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/9238\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=9238"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=9238"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=9238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}