Back in 2012, pornographic website Brazzers was targeted with a hacking attempt . And now, nearly information about
800,000 user accounts has been leaked online.
The attack was originally aimed at Brazzersforum, a companion forum for the website. However, since both forum and
website have shared user account information, account details of even those who have not signed up for the forum are
potentially at risk. Brazzers has said that it has employed some corrective measures for the same. Also, Brazzersforum has
been taken down for maintenance.
The hack was first spotted by data breach-monitoring site vigilante.pw, which passed the information to Motherboard
website for verification. As per the website, hackers were able to get hold of about 790,724 unique email addresses, as well
as usernames and passwords stored in plain text format. Although the breach consisted of over 900,000 entries in all,
Motherboard reports that many of them were duplicates.
Brazzersforum is essentially a platform where users discuss videos, porn actors and can also request what scenarios
should make it to next videos. While both the website and forum are different, a Brazzers spokesperson confirmed that user
account details are shared between the two for convenience of the users.

“It’s unfortunate that my information was included in the breach, but that’s the risk you run making an account anywhere on
the web,” a Brazzers user, who asked to remain anonymous, told Motherboard website in an email.

Matt Stevens, public relations manager from Brazzers, told Motherboard in an email, “This matches an incident which
occurred in 2012 with our ‘Brazzersforum,’ which was managed by a third party. The incident occurred because of
vulnerability in the said third party software, the ‘vBulletin’ software, and not Brazzers itself.”
Recently, Cloud-based data storage company Dropbox said that user IDs and passwords of some 68 million of its users
were stolen four years ago and recently got leaked on to the internet.

The company said it had no indication that any of its user accounts were improperly entered, and that it had notified the
users to reset their account passwords.
The company learned of the data theft only two weeks ago, after 68 million user credentials were posted online.