Brazzers Porn Site's Forum Hacked, Exposes Data Of 800,000 Users (vice.com)

← Back to Stories (view on slashdot.org)

Brazzers Porn Site's Forum Hacked, Exposes Data Of 800,000 Users (vice.com)

Posted by msmash on Monday September 5, 2016 @02:01AM from the security-woes dept.

Forum of porn website Brazzers has been hacked, exposing the data of as many as 800,000 users, reports Motherboard. Though the data originated from the company's separate forum, the report adds, Brazzers users who never signed up to the forum may also find their details included in the dump. From the report: Motherboard was provided the dataset by breach monitoring site Vigilante.pw for verification purposes. The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.) Troy Hunt, a security researcher and creator of the website Have I Been Pwned? helped verify the dataset by contacting subscribers to his site, who confirmed a number of their details from the data.

48 comments

Min score:

Reason:

Sort:

pr0n forum? Really by Anonymous Coward · 2016-09-05 02:05 · Score: 1

Wow, how much of a fine connoisseur of pr0n do you gave to be to be a member of a forum dedicated to teh pr0n? Do people get into flame wars over idiotic minutiae or do they keep complaining about whether or not something really is "news for neckid?"
1. Re:pr0n forum? Really by stealth_finger · 2016-09-05 02:13 · Score: 1
  
  I would say you'd be an idiot for using any thing remotely approaching real details for a porn site (why would you even register????) but they probably have a login with facebook button and I'm guessing most of these guys only have one hand free.
  
  --
  Wanna buy a shirt?
  https://www.redbubble.com/people/stealthfinger/shop?asc=u
2. Re:pr0n forum? Really by AmiMoJo · 2016-09-05 02:26 · Score: 1
  
  I noticed that a lot of porn connoisseurs were posting their real names to The Pirate Bay and other torrent sites a while back. Just search for torrents containing a Windows thumbs.db file and open it in a hex editor. Their Windows username will be in there, and about 50% of the time it's their real name.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
3. Re:pr0n forum? Really by houghi · 2016-09-05 02:51 · Score: 1
  
  The thing is not if you use real data or not (I watch porn, so what?) The thing is that it could be used for other things. I do not care if people hack pornhub or /. What I am worried about is the username/password combination.
  Unlike many others here, I do not have the ability to remember all the usernames and passwords and unfortunately using a program to do it for me is not an option.
  I do use several paswords:
  1) Home connection. Security level: pretty high. Not used anywhere else
  2) Email and banking. Only 'official email' and banking. Security level pretty high. Used at 4 sites (email and banking only)
  3) Commercial password. Used for sites where I buy stuff. Around 15 companies like my ISP, telecom, amazon and the like.
  4) All the rest. These are sites where I am not buying anything. Nothing will be bought there EVER.
  So this would fall into category 4, together with /. and Imgur and other sites. Might even be that in the past I have added myself to pornhub. Could be, I do not know.
  So to me that hacking is not about the content of the site. It is about the retrieving of the password and the inability to remember all the websites I have used and am using and thus having NO idea what they could find.
  So get of your high horse and don't look at the content of the site, but talk like an adult about the result as if it were /. that was hacked. Because you masturbate as well (unless you are not old enough yet to do so) and to what you or others masturbate is irrelevant.
  4)
  
  --
  Don't fight for your country, if your country does not fight for you.
4. Re:pr0n forum? Really by stealth_finger · 2016-09-05 03:00 · Score: 1
  
  Hey, I watch porn too, but like a sensible adult I get it from the piratebay instead of letting out a massive potential compromise by even visiting a porn site. Forget registering or godforbid logging into one. If you want to actually pay for it then fair play but there's gotta be other ways of going about it.
  
  --
  Wanna buy a shirt?
  https://www.redbubble.com/people/stealthfinger/shop?asc=u
5. Re:pr0n forum? Really by Opportunist · 2016-09-05 03:12 · Score: 1
  
  Do people get into flame wars over idiotic minutiae
  If you have a huge dick, you're at the porn page, if you are a huge dick, you're at the forum. Easy, isn't it?
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
6. Re:pr0n forum? Really by PPH · 2016-09-05 03:41 · Score: 1
  
  Carlos Danger is a real name?
  
  --
  Have gnu, will travel.
7. Re:pr0n forum? Really by Oswald+McWeany · 2016-09-05 03:50 · Score: 1
  
  Hey! Danger is my middle name.
  
  --
  "That's the way to do it" - Punch
8. Re:pr0n forum? Really by Falos · 2016-09-05 04:10 · Score: 1
  
  https://xkcd.com/1095/
9. Re:pr0n forum? Really by No+Longer+an+AC · 2016-09-05 05:15 · Score: 1
  
  I used to attempt to manage passwords in my head with a similar system.
  Gradually I decided I needed to do better than that and as the number of passwords and variations of those passwords grew it became impossible for me to remember. I lost a long-time e-mail account because I read about a security breach while I was drinking and being security minded I immediately changed my password to something very clever that I was sure I would remember. Of course I couldn't remember it.
  Shortly thereafter I started using a password locker program. If something doesn't have a unique and strong password, it's because it fits your 4th category. It's also a great place to store the answers to those security questions that I can never remember.
  You know, like "What's your mother's maiden name?". Those should never be answered truthfully so I'll make up an answer and say "The Battle of Hastings" is my mother's maiden name. How could I possibly ever forget such a clever answer? Well, very easily apparently because I only need to know that very rarely.
  I really would separate your banking ID/passwords from your e-mail ID/passwords. Financial transactions are in their own class of risk. I avoid them if at all possible and they certainly never get anywhere near my phone.
  Now my biggest point of failure is the password to my password locker file. It could be a stronger password, but it's not written anywhere and I know I can remember it.....that is I can right now. What if I suffer a concussion? That could lock me out of every account I have. And of course if someone gets that and they get the password-locker file, they've got the keys to the kingdom.
  You can always find a place to store a hardcopy of key passwords that you just can't lose if you want. Safety deposit box. In a simple form of steganography (e.g. disguised as a word-find puzzle). Or just choose something like the first letter of every verse in the King James Version of Psalm 23. Use your imagination. All those are simple enough for you to recover, but difficult enough that the average hacker is not going to get it easily.
10. Re:pr0n forum? Really by mrbester · 2016-09-05 06:03 · Score: 1
  
  Missing the surname Spicyweiner. Maybe the input box wasn't big enough (giggity).
  
  --
  "Wait. Something's happening. It's opening up! My God, it's full of apricots!"
11. Re:pr0n forum? Really by Anonymous Coward · 2016-09-05 07:51 · Score: 0
  
  actually chronic masturbators dont really fight much, gets too... sticky
  now seriously, the porn forum sites are there to:
  check if some chick has retired or is back
  check the identity of someone (they post a pic and ask if someone knows the porn name of the chick so "they" can check for more stuff)
  adult news (for example, theres and aids epidemic and a zombie epidemic, dont let zombies bite your dick)
  gossip (think tmz of porn)
  recruiting
  and then theres the tecnical side that have the people that are putting up the sites, stuff like payment, google positioning, you know webmaster stuff
  and no, i have never seen fights about SystemD(ick)
12. Re:pr0n forum? Really by Anonymous Coward · 2016-09-05 08:45 · Score: 0
  
  Wow, how much of a fine connoisseur of pr0n do you gave to be to be a member of a forum dedicated to teh pr0n? Do people get into flame wars over idiotic minutiae or do they keep complaining about whether or not something really is "news for neckid?"
  Ask 110010001000 he is the local expert about porn and living in his mom's basement and herpes.
13. Re:pr0n forum? Really by ls671 · 2016-09-05 10:44 · Score: 1
  
  Don't know about Carlos but Rodney Dangerfield seems real:
  https://en.wikipedia.org/wiki/...
  
  --
  Everything I write is lies, read between the lines.
14. Re:pr0n forum? Really by Anonymous Coward · 2016-09-05 20:00 · Score: 0
  
  a massive potential compromise by even visiting a porn site.
  Really? What massive compromise? Even if this leak would become so public that my boss, mother, and father *somehow* found out that I was registered on pornhub, I wouldn't really care. Porn is not a big deal, at least not here in Europe.
15. Re:pr0n forum? Really by MrDoh! · 2016-09-06 09:51 · Score: 1
  
  There's a Doctor Carlos Danger reserved parking nearby me. Laughed at it at the time, a couple of years before the recent blowup of the name. When it was all blowing up with Wiener's alias and how people were making fun of it I thought "well, one Doctor's not going to be happy about all this".
  
  --
  Waiting for an amusing sig.
16. Re:pr0n forum? Really by MrDoh! · 2016-09-06 09:52 · Score: 1
  
  They probably post "1st post" and 'Hot Grits' just like any other sensible forum system. The Natalie Portman posts are probably a bit risque-er though.
  
  --
  Waiting for an amusing sig.
800000 wankers by Anonymous Coward · 2016-09-05 02:10 · Score: 0

I have downloaded their info to my fridge.
1. Re:800000 wankers by stealth_finger · 2016-09-05 02:14 · Score: 1
  
  *knock knock*
  
  Hi I have a large delivery of cream here, you'd better get it in the fridge quick it's starting to get warm and sticky.
  
  --
  Wanna buy a shirt?
  https://www.redbubble.com/people/stealthfinger/shop?asc=u
Is Anthony Weiner's data there? by Anonymous Coward · 2016-09-05 02:13 · Score: 0

It pretty much has to be, doesn't it?
Really, plaintext passwords? by Anonymous Coward · 2016-09-05 02:14 · Score: 4, Interesting

In all these years the message hasn't gotten out that no website has any need or business or excuse to be storing plaintext passwords???
1. Re:Really, plaintext passwords? by JcMorin · 2016-09-05 02:47 · Score: 1
  
  It's almost criminal...
2. Re:Really, plaintext passwords? by Anonymous Coward · 2016-09-05 03:18 · Score: 0
  
  It's indecent.
3. Re:Really, plaintext passwords? by v1 · 2016-09-05 03:24 · Score: 2
  
  While I'm not a fan of the "we need to have a law for everything" mentality, this I could make an exception for. Storage of password in plain or recoverable formay should consitute criminal neglegence. Site operators have NO legitimate need to keep plaintext passwords, and expose users to that risk without warning. Imagine if they did give warning?
  Creating new account. Enter username and password below. (note: your password will be stored in plaintext)
  hell no?
  
  --
  I work for the Department of Redundancy Department.
4. Re:Really, plaintext passwords? by hey! · 2016-09-05 03:31 · Score: 4, Insightful
  
  In all these years the message hasn't gotten out that no website has any need or business or excuse to be storing plaintext passwords???
  I wouldn't be surprised. There's an awful lot of stuff you need to know, it's easy to underestimate if you've learned it gradually, over "all these years".
  Having teenagers myself, I think their education is much better than mine ever was; and of course they have young and agile brains that absorb new information really, really well. But I wonder how the ones going into software are supposed to get to know all the things I've learned over forty years of working with software. Back in the day if you'd read a handful of important books like The Unix Programming Environment, The Art of Computer Programming, Software Tools in C etc you were in-the-know, especially if you had a subscription to Byte and Dr. Dobbs. You could take a few months off and learn the whole shmeer. Of course today you'd add Applied Cryptography to the canon... but still, could you do that today? Is there a software canon someone could study and be ready to go?
  We're looking at colleges now, and nowhere on the computer science curriculum is there a course on "Stuff You're Really Expected to Know." You're supposed to pick that stuff up. Either the engineering departments look just like they did forty years ago, or they've gone radically interdisciplinary, an approach that in general I endorse. But either way, there is no way to tell that someone knows all the stuff he ought to know to develop software.
  I'm not big on certifications; perhaps my long life history with software has jaded me; I've seen too many people who've collected commercial certifications that aren't worth a damn because it just shows they can parrot back information; they don't necessarily understand anything. But a basic "fit for service" certification is one that I could get behind.
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
5. Re:Really, plaintext passwords? by Anonymous Coward · 2016-09-05 05:28 · Score: 0
  
  It's almost criminal...
  Birds of a Filthy Feather Fuck Together. They also appear to have an aggregate IQ of an ornate doorknob. Some of the posts in this very thread prove this. Enjoy "getting it hard core" with those plaintext passwords. ~
6. Re:Really, plaintext passwords? by Anonymous Coward · 2016-09-05 09:40 · Score: 0
  
  We're looking at colleges now, and nowhere on the computer science curriculum is there a course on "Stuff You're Really Expected to Know."
  At Carnegie Mellon University, it's called 15-213: Introduction to Computer Systems. The textbook (https://www.amazon.com/dp/013409266X) was written by the former dean of Carnegie Mellon's School of Computer Science.
7. Re:Really, plaintext passwords? by Anonymous Coward · 2016-09-05 23:45 · Score: 0
  
  ^ This..... You have no ideas how many CS students with BS and MS degrees don't known what source control is--apparently while working in groups, they emailed files around. I'm talking recent graduates.
  It always throws a wrench into my startup estimation
Dates... by brian2175 · 2016-09-05 02:16 · Score: 5, Informative

I happened to check when these 928,072 entries were from on vigilante.pw. And they show it from April of 2013. This seems to be from a dump over 3 years ago. I think that should be in the news article....
1. Re:Dates... by Ecuador · 2016-09-05 02:42 · Score: 3, Funny
  
  Good catch! We shouldn't worry the /.ers who only became members of Brazzers after April 2013.
  
  --
  Violence is the last refuge of the incompetent. Polar Scope Align for iOS
2. Re:Dates... by ls671 · 2016-09-05 10:51 · Score: 1
  
  Good, my 18th birthday was on May 2013 so I have never watched porn before that.
  
  --
  Everything I write is lies, read between the lines.
Why would anyone use an internet porn site? by Anonymous Coward · 2016-09-05 02:19 · Score: 0

When there are mens magazines to which can be discretely subscribed?
1. Re:Why would anyone use an internet porn site? by 110010001000 · 2016-09-05 02:50 · Score: 1
  
  I subscribe continuously to mine.
why would anyone buy/sign-up for porn now? by sittingnut · 2016-09-05 02:44 · Score: 2

unless ones tastes are very niche specific and peculiar, almost all the popular porn is freely available in quantities larger than anyone can consume.
so if one is not a pirate freeing all that for others, no point in buying anything at all, or even giving info to obtain access.
1. Re:why would anyone buy/sign-up for porn now? by Anonymous Coward · 2016-09-05 03:09 · Score: 0
  
  Brazzers has very high quality porn, they need the revenue stream for that. Tho for me xhamster, pornhub, etc is enough quality. And if you have finer taste there's always motherless. These are ad supported sites.
2. Re:why would anyone buy/sign-up for porn now? by PsychoSlashDot · 2016-09-05 04:26 · Score: 1
  
  unless ones tastes are very niche specific and peculiar, almost all the popular porn is freely available in quantities larger than anyone can consume. so if one is not a pirate freeing all that for others, no point in buying anything at all, or even giving info to obtain access.
  Much like any other form of art, some people feel that compensating creators and participants is a decent and honorable thing to do. Availability isn't everything. Patronage is a thing, even in porn.
  
  --
  "Oh no... he found the .sig setting."
3. Re:why would anyone buy/sign-up for porn now? by Anonymous Coward · 2016-09-05 09:15 · Score: 0
  
  I wouldn't be opposed to donating to a particular actor or actress via a platform like Patreon, or even an old-fashioned PayPal link.
  But I doubt that there's anything decent or honorable about paying the producers. Most of them are exactly the type of person you would expect to be a porn producer.
4. Re:why would anyone buy/sign-up for porn now? by Anonymous Coward · 2016-09-07 08:50 · Score: 0
  
  I doubt that there's anything decent or honorable about paying the producers. Most of them are exactly the type of person you would expect to be a porn producer.
  How extensive is the experience on which you base that statement? Or do you mean, "Most of them are exactly as I expect, I expect."?
5. Re:why would anyone buy/sign-up for porn now? by Anonymous Coward · 2016-09-10 12:05 · Score: 0
  
  Brazzers stuff turns up in the usual places all the time. I completely ignore it because it's total crap. People actually pay money for that stuff?
Nerdy Guy Backdoors Corporation (creampie, NASTY!) by Anonymous Coward · 2016-09-05 04:10 · Score: 0

nt
Embarrasment factor by PPH · 2016-09-05 04:29 · Score: 1

When your name is published and your friends and neighbors realize you actually pay for online porn.

--
Have gnu, will travel.
answer Cowboy Neal [Re:pr0n forum? Really] by Anonymous Coward · 2016-09-05 05:30 · Score: 0

It's also a great place to store the answers to those security questions that I can never remember.
You know, like "What's your mother's maiden name?". Those should never be answered truthfully so I'll make up an answer and say "The Battle of Hastings" is my mother's maiden name. How could I possibly ever forget such a clever answer? Well, very easily apparently because I only need to know that very rarely.
I answer all those security questions "Cowboy Neal."
What could possibly go wrong?
Honestly, who cares? by Anonymous Coward · 2016-09-05 07:02 · Score: 1

Unless you're in a country/area where this is illegal, who the f*ck cares? My wife knows I look at porn from time to time, we have friends whose wives openly joke about their husbands looking at porn. Any woman who thinks their husband doesn't want to see other boob's is living in a fantasy land. Any man who thinks their wife eyes don't occasionally linger on a younger, ripped man is equally deluded. A few thousand years of religion and social mores is not going to undo two million+ years of biology. Besides, most of the modesty rules were put in place by men to keep other men from touching their _property_. Marriage did not originate as the romantic ideal it is now, it was to signify that a woman belonged to a man and no other men should touch them.
If you're actually cheating and picking up women on Ashley Madison, that's one thing. If you're obsessed with porn and it's interfering with your life, that's another. If you're looking a "private parts" from time to time, that's something completely different... it's called being human.
1. Re:Honestly, who cares? by Andtalath · 2016-09-06 05:57 · Score: 1
  
  Also, most women also look at porn =P
no loss by Anonymous Coward · 2016-09-05 07:59 · Score: 0

some bitches with tits will lose money and some tits with bitch tits will be embrassed.
Oh, lookie there. by Anonymous Coward · 2016-09-05 12:15 · Score: 0

I put my bosses email in. pwnd.
Funny by Anonymous Coward · 2016-09-06 02:24 · Score: 0

funny that people wants to keep porn on their machine when streaming is so freely available,,,,,800 000 idiots, i guess they had it cuming hohoho
my top question is: by Anonymous Coward · 2016-09-06 03:18 · Score: 1

Why vBulletin for a public site like this? Seriously?? It's plagued with security holes, both known and unknown. I'd barely consider running it on a private network.