200 million records exposed in massive Pornhub data breach — here’s what we know so far
3d 7h ago by lemmy.world/u/fubarx in technology from www.tomsguide.com
Stolen data is being held for ransom by the notorious ShinyHunters hacking group
Don’t worry though, because there’s no way your ID verification for adult sites will ever get leaked
Millions of fake IDs have been leaked.
Dunno why your obvious joke about the effectiveness of age verification was downvoted
It has ONE downvote.
Approximately as many as this comment!
Edit: this ratio is wild.
Not sure if this hack has a name, but usually once someone in a comment tree makes a joke about downvotes — e.g., clowning on an edit complaining about a downvote — rules are suspended for all comments that follow, and you can accrue lots of downvote salutes FOR FREE.
(Maybe not my comment since I’m late to the downvote party, but here you go;)
Edit: why the upvotes? :(
Edit edit: 1v1 me irl
gave you a downvote so it was not all for nothing
You are the Winter in my Summer, Sonor
I also got the party started by being the first to downvote myself. The first person to upvote me probably made it look like I didn't downvote myself.
But the second person to upvote me... Now that's the real bastard. They made my comment seem like it deserved upvotes, and ushered in others who thought this was a comment worthy of their support.
If I ever find out who gave me that second upvote... I'd probably be like, "huh? What second upvote? What are we even talking about?"
Oh shit lol, forgot we could vote on our own shit. Ty for the slightly taller pyre
Nothing compared to your haul though. Let’s see Paul Allen’s doots
Norman Reedus sure likes his porn.
They should have done more penetration testing.
It wouldn't have taken much effort to find that gaping back door.
They rushed. If you push it too fast it'll blow up in your face.
Amateurs.
My stepmother works in that industry and could have helped with that.
You don't happen to have a clothes dryer at home, do you?
Yes, but my step sister is stuck in that.
I know
What are you doing?
According to ShinyHunters, the records contain extensive data on Premium members including email addresses, activity type, location, video URL, video name, keywords associated with the video and the time the event occurred. Activity types include whether the subscriber watched or downloaded a video, or viewed a channel and events include search histories.
This sort of thing is one of those examples why "no log, no profile" service is probably a good idea. The service could have offered the option to charge a fee for access, but not retain customer activity data. They didn't do that. At some point down the line, someone got ahold of the data, which I imagine that their customers are not really super keen on having floating around attached to their identities.
Probably a lot of companies out there that log and retain a lot of data about their customers.
Good idea for consumers. Too bad nobody cares about that. Unless it’s their core business.
This is exactly why we need GDPR
Too bad that's being dismantled right now.
Depending on the industry you might be required by law to keep some information for a certain period of time.
Which is exactly why you want to deal with companies that don't collect that data in the first place. You know, exactly what he said.
I've watched pornhub a million times, but my data isn't in this breach. Know why? Because I never made a profile or gave them one shred of information in the first place. All they could possibly have is a browser fingerprint and my VPNs various IP addresses. That is the point.
Ok, but you're also choosing to not use the features that would require an account. Not everyone has the same use case.
Excuse me, this is the internet. Nuance isn't allowed here
I don’t think the online porn industry has such legal requirements.
just serves as a reminder that we are all the “product.”
Why do you need to log into pornhub? I, um, a friend of mine, uses it fine without logging in...
There was a time when they were pushing the step sibling fetish real hard, like, all the videos in the front page were that, and then they put a banner saying "tired of seeing step____? Why not make an account and filter it out?"
Dunno about y'all but I can wank through the made up plot points without much trouble
If I could wank it to scrambled porn 30 years ago then any subtext or dialogue is like a fart in the wind once I get going.
your ability for suspension of dickbelief must be through the roof
I mean it takes almost zero, usually it's just the titles.
That's a good one
thank you, I was real proud
hah ! that's brilliant
lol, very gross. even the gay ones has incest-like, step gay bro/dad/.
You can follow uploaders, but since the mass removal of 85% of their videos I doubt the website has ever gotten better. I had a few favourites noted down but none of them exist now.
I mean, I’m not mad about why they removed so many videos. They had a massive CSAM and revenge porn problem, to the point that you could often find it on the front page. They also had really ineffectual methods for victims to report offending content, to get it taken down. There was also the whole “victim can only begin the takedown process (which likely won’t even get the video taken down) if they know it has been posted” problem. And their fix was to only allow uploads by verified users.
You can favorite things, and create lists. And their algorithm seems to show you things you might like based on that and your other views. I found it quite useful. Obviously I used a garbage email address.
They could still link your IP address to your porn profile
Maybe it's akin to raising your arms submissively and having your thigh gap n junk get 3D scanned / inspected by a fully clothed TSA agent. Degrading, but not without a little thrill, no?
Florida here, gotta use my VPN anyway to get to PH. 🤷🏻♂️
They do attempt to, with cookies as well1. I suppose the upside of an account would be that you could carry your recommendations, etc. with you and have vpn on and/or cookies blocked.
1 I would never visit this site myself of course. this info was shared to me via an acquaintance ( ͡ᵔ ͜ʖ ͡ᵔ )
My guess is following content creators that you like, and some people pay for the creator's premium videos.
To download
https://github.com/yt-dlp/yt-dlp
Although I absolutely understand that the common folk will have a hard time downloading porn in the CLI.
Eh, I used a one time email address generator before there were browser plugins to download embedded videos anyway, they can have my "data".
You can use the yt-dlp executable in the Youtube-DLG GUI interface. The interface is fine, the only thing wrong with it was that the executable behind it couldn't keep up with YT fuckery. They may have fixed it since then, but once I started manually updating it with yt-dlp I never stopped, so I don't even know anymore. And I'm sure there are better alternatives, I just got used to using this one.
So if you want the GUI front end, it's profoundly easy. Download Youtube-DLG, rename yt-dlp.exe to youtube-dl.exe, and then put it into the appropriate folder (%appdata%/youtube-dl/ on Windows). Overwrite or just delete the existing youtube-dl.exe because it doesn't work anyway.
If you are installing Youtube-DLG for the first time you may have to manually install ffmpeg as well, if memory serves.
The sole drawback is that, for obvious reasons, updates are now manual. Every so often YT breaks it again and I just go download yt-dlp again, rename it, and put the new one in the Youtube-DLG folder. Job done.
That doesn’t sound easy at all for someone who lacks the technical ability to type/paste ”yt-dlp [URL]”
There are sites where you just plug in the URL and the video downloads.
That's what that is. You copy the link and type
yt-dlp https://www.youtube.com/watch?v=dQw4w9WgXcQ
And it downloads, if you add -x between the command and the URL it extracts the MP3 (If you want music).
It has 100% less ads and malware than those shady websites (who are just running yt-dlp in the background).
If you want music
Sorry I had to laugh about that :) Yes, the soundtrack of porns is notoriously good lol (/s)
I can't have enough cheesy saxophone music in my life.
They gave away free premium during the COVID-19 lockdowns
This is going to be fun. Let’s do some Data Analysis with this. Find the republican with the highest amount of watch time of gay porn.
South Carolina has entered the chat
to them it's not gay unless you're the bottom.
I mostly play as support, but sometimes I pick mid lane, rarely bottom lane as ADC. Is it gay? (I'm LOL player)
Yes it's gay to be a LOL player
It'll be fun finding all those "antiporn", "antidei", "antilgbtq+" fine people watching exactly that. Bonus points for .va domains.
.va = Vatican city officials, for those too lazy to Google.
Or .gov :)
Anyone who would sign up for a porn website using their .gov email address deserves to have it leaked
There is a subset of boomers who do this shit.
Usually it's someone whose first email / phone was a company phone and never moved to a personal phone.
Still wild whenever I see it happen.
Older gen-x too.
Stupidity isn't ageist I'm afraid
This is exactly why I'm cautious with websites that store people's IDs.
No problem. Use someone else's ID that gets leaked.
Modern problems require modern solutions
interesting
Sorry, but I don't think we're emphasising enough that Pornhub shared details of its users, such as their search history and watched videos, with an external company and that external company kept that data for over four years after their relationship ended.
I've read 'the last legitimate login was in 2023' so more like 2 years, but yeah
I don't see any reference to 2023 in that article, but this:
Pornhub has not worked with Mixpanel since 2021, which means that the stolen data would be from that year or earlier
It was Reuters reporting on the same story
Pornhub’s data with Mixpanel was last accessed by “a legitimate employee account at Pornhub’s parent company in 2023,” according to the statement. “If this data is in the hands of an unauthorized party, we do not believe that is the result of a security incident at Mixpanel.”
E: link
Hacking group 'ShinyHunters' threatens to expose premium users of sex site Pornhub - https://www.reuters.com/world/americas/hacking-group-shinyhunters-claims-theft-data-users-leading-sex-site-pornhub-2025-12-16/
Oh, but the children are safe and priority and that's why they want to verify them. Oh but the children. Think about the children!!! CHILDREN!!!
Children is all US Republicans seem to be able to think about...
how much of them are conservatives watching gay or trans porn.
Exactly the first thought I had.
YOU KNOW WHAT TIME IT IS, IT'S TIME TO PLAY THE WORLD'S LONGEST RUNNING GAME SHOW....
WHICH QUEERPHOBIC PUBLIC FIGURE IS WATCHING QUEER PORN!
Let's Greet our Contestants, shall we?
He's so homophobic someone renamed a mix of Cum and Lube after him, it's Rick Santorum!
He's so transphobic JK Rowling told him to tone it down, It's Graham Linnerhan!
Despite wearing platform shoes, he wants to make all forms of Queerness a crime, it's Ron DeSantis!
And finally, she's called for Transgender Women to be executed en mass, for famous transwomen to be raped, and she's featured in some of the Queer porn in question, it's Lily Cade!
PUBLISH ALL OF IT!!
would be fun to crosslink that list with https://wiki.icelist.is/
Considering conservatives are the ones most likely to "sign up"(fuck that is a strange thing to type! Imagine needing to vote and comment on porn!), I'm betting on the over.
The most embarrassing part about this would be people finding out you actually pay for porn
This why they are against store peoples ID. And this why those websites should never do it.
Yep - it's a good thing they just IP block users in ID check states or this could have been REALLY bad.
At some point on the Web (in my childhood, in the Russian-speaking parts - around 2002-2004) anything requiring registration was treated as some sort of closed club, and that was about just registration. Though people exposed their ICQ UINs and email addresses, so that you could chat with them (that's the old way you'd DM a person whose post you liked).
I'm not sure about all these rules of what websites should and shouldn't do. Perhaps websites should be always treated as some untrusted alien space that can possibly do anything. If you want to do something where such a leak is really bad, or anything worse than a pocket theft of 20$ - then perhaps such a system shouldn't rely upon untrusted centralized service having everything.
I like the social model that existed then, though. It was somewhat global, now we have modern Web services (even if in Fediverse) that expose everything over the Web, posts, DMs and so on. Back then forums were websites, DMs were in ICQ\XMPP\Skype, email as its own thing, feeds as RSS.
The next argument would then be, “then the site should not exist”
Porn ban complete.
According to ShinyHunters, the records contain extensive data on Premium members including email addresses, activity type, location, video URL, video name, keywords associated with the video and the time the event occurred. Activity types include whether the subscriber watched or downloaded a video, or viewed a channel and events include search histories.
haha
... I can DL the videos?
yeah if you give the money I think I don't know. I haven't tried
Eh. Good I never had premium then.
(Though I suspect my porn habits were exposed in much detail otherwise via something like personalized state surveillance.)
Oh god the male baby boomers will never recover from this.
Gen X getting forgotten again.
They hope
I'll never understand why people create accounts in the first place
To argue in the comments 😅
I never saw it myself, but I heard someone posted the big moment of Avengers Endgame in the comments of a lot of videos.
We all saw that... cummin
Ranked matchmaking
Wanked matchmaking
Go on....
No, seriously, is the algorithm any good?
To curate and follow specific models of course. 😀
I have heard people try to explain why they log in on porn sites: It saves your favorite videos, it recommends new videos and it makes it possible to see paid content.
All three things are reasons why I don't want to log in. Yeah, like I want a list of my perversions attached to my name.
Free registration is what custom email addressed with fake personal information are for, if you want those features.
Yeah its pretty easy to make up a fake person to make an email with if you ever need to.
Just bookmark the stuff, it's easier than making an account anyway
Just download everything, storage is cheap. No reason not to have a few TB of high resolution porn of exactly what you like.
Wow that's not true at all..at least for most people.. I wish I had the money to buy a 12tb HDD to hoard some media. It took me a year to buy 2 2tb HDDs for my jellyfin server..yes ,I'm poor in a poor country.
In case you haven't been paying attention, RAM and storage prices are on the rise due to the data center rush.
RAM is insane but storage is cheap. You can get recertified drives for a NAS for like $16/TB.
I have a decent memory. 60% of the time, it works every time.
My bookmarks list is too big and searching doesn't help since the names the bookmarks are given are too similar by the automatic process. Also can't thumb up stuff without an account and bookmarking is also a statistic to show popularity of the artists work. Idk what happens on pornhub though.
My bookmarks list is too big
notices your bookmark kink
What are you doing Step-mark?
👉👈🔖
It'd be fine by me if gov's weren't so puritanical.
That’s way too much dedication to something that should take me like five minutes. People are crazy
Pornhub has not worked with Mixpanel since 2021, which means that the stolen data would be from that year or earlier. Reuters, who contacted some Pornhub customers to confirm the breach, was able to authenticate that the user data that pertained to those customers was accurate – but was several years old which would be consistent with the Mixpanel data.
We checked our accounts and this is what we found...
Hello Sir... Good news is I'm not calling to talk about our Lord and Saviour. Bad news, can you verify your identity and daily access to the following pornhub fetishes?
Who the hell uses their real name and e-mail to open accounts in sites like PornHub?
EDIT: I enjoy porn and so does my wife. Neither one of us is shy about it, but neither of us would use our real info to open an account. Who the hell wants infinite floods of adult product email spam?
But according to governments around the world, we should use our IDs in order to access this kind of material. And this is exactly why it's a fucking terrible idea.
Creators
Ooof! You are absolutely right. Hopefully they use dedicated e-mail and contact information for their business.
Release the pornhub files!
...Ive seen the fact that comments exist on these sites but genuinely who makes an account on pornhub?
How else do I share the best videos with my friends on Facebook?
True. Although, Meemaw was taken back by a few of them.
How else do I save my favourite videos?!
spoiler
Save the url in a text file you dingus
You save the file to disk like a proper pervert
Please ignore my 500GB homework folder.
I was doing that until my mom's pc memory got full so then I started using my sister's pc
PornHUB intro music plays, but morphs into Unsolved Mysteries
ROBERT STACK ENTERS AS HOST
Tonight: a mystery born not of shadowy alleyways or coded dossiers… but of a home computer. A shared machine. And a series of fateful downloads.
On the Fediverse, a decentralized corner of the internet where identities blur and reputations are built one post at a time, a user known only as "imhereforfun" endlessly consumes the storage space of his family member's computers.
What followed was a chain of events that fractured a family, erased a trail digital footprints, and left behind more empty kleenex boxes than answers.
Don't duplicate the files! You can probably find most of it in the Canva output folder
2 in the pink, 200 million in the stink
If PornHub has any of your data, congratulations, you are an idiot.
They have endless supplies of free content you don't even have to login to watch, and they don't block ad-blockers or VPNs afaik.
Oh noes my porn viewing history!
Imagine the juicy search history's people might be able to link up with bigots and racists. Let's find JDs account, $5 there's couch fucking videos.
I was expecting "we are fucked" after "here’s what we know so far".
LMAO at anyone who made, or paid for, a PornHub account.
"Yes, I would like to log into PornHUB using my GMail account, please, for my convenience" - I just checked, they have SSO for Gmail and Twitter! AHAHAHAHAHAHA I'm dying
"Here's what we know so far"
...
Hay guys maybe we should just let this one go, ya know l.
We don't really need to dig any deeper, I'm sure it's fine.
Who knew that blackmailing people with their browser histories would bring down western civilization?
Perfect blackmail material to insist people vote for more people like Trump. There is a reason Republicans want ID verification, and it's not an honorable one.
Funny, I never made an account there.
In the unlikely event I had to create a porn site account even the NSA wouldn’t be able to link it back to me.
Yeah I never understood why anyone would create an account. It's not like you need one to watch the videos.
200 million perverts.
Sounds like something you’d say if you didn’t want people to look for your email address in those records…
"How disgusting. I would never do that"
“Clearly I’m above reproach, so there’s no reason to suspect my email address and porn history will be in there!”
Does that thought make you feel all tingly?
..200 million perverts...
1 insecure individual.