Brazzers Porn Site's Forum Hacked, Exposes Data Of 800,000 Users

Forum of porn website Brazzers has been hacked, exposing the data of as many as 800,000 users, reports Motherboard. Though the data originated from the company's separate forum, the report adds, Brazzers users who never signed up to the forum may also find their details included in the dump. From the report: Motherboard was provided the dataset by breach monitoring site Vigilante.pw for verification purposes. The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.) Troy Hunt, a security researcher and creator of the website Have I Been Pwned? helped verify the dataset by contacting subscribers to his site, who confirmed a number of their details from the data.

pr0n forum? Really

[Anonymous Coward]

Wow, how much of a fine connoisseur of pr0n do you gave to be to be a member of a forum dedicated to teh pr0n? Do people get into flame wars over idiotic minutiae or do they keep complaining about whether or not something really is "news for neckid?"

Re:

[stealth_finger]

I would say you'd be an idiot for using any thing remotely approaching real details for a porn site (why would you even register????) but they probably have a login with facebook button and I'm guessing most of these guys only have one hand free.

Re:

[AmiMoJo]

I noticed that a lot of porn connoisseurs were posting their real names to The Pirate Bay and other torrent sites a while back. Just search for torrents containing a Windows thumbs.db file and open it in a hex editor. Their Windows username will be in there, and about 50% of the time it's their real name.

Re:

[PPH]

Carlos Danger is a real name?

Re:

[Oswald McWeany]

Hey! Danger is my middle name.

Re:

[mrbester]

Missing the surname Spicyweiner. Maybe the input box wasn't big enough (giggity).

Re:

[ls671]

Don't know about Carlos but Rodney Dangerfield seems real:
https://en.wikipedia.org/wiki/... [wikipedia.org]

Re:

[MrDoh!]

There's a Doctor Carlos Danger reserved parking nearby me. Laughed at it at the time, a couple of years before the recent blowup of the name. When it was all blowing up with Wiener's alias and how people were making fun of it I thought "well, one Doctor's not going to be happy about all this".

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[stealth_finger]

Hey, I watch porn too, but like a sensible adult I get it from the piratebay instead of letting out a massive potential compromise by even visiting a porn site. Forget registering or godforbid logging into one. If you want to actually pay for it then fair play but there's gotta be other ways of going about it.

Re:

[No Longer an AC]

I used to attempt to manage passwords in my head with a similar system.

Gradually I decided I needed to do better than that and as the number of passwords and variations of those passwords grew it became impossible for me to remember. I lost a long-time e-mail account because I read about a security breach while I was drinking and being security minded I immediately changed my password to something very clever that I was sure I would remember. Of course I couldn't remember it.

Shortly thereafter I start

Re:

[Opportunist]

Do people get into flame wars over idiotic minutiae

If you have a huge dick, you're at the porn page, if you are a huge dick, you're at the forum. Easy, isn't it?

Re:

[Falos]

https://xkcd.com/1095/ [xkcd.com]

Re:

[MrDoh!]

They probably post "1st post" and 'Hot Grits' just like any other sensible forum system. The Natalie Portman posts are probably a bit risque-er though.

Re:

[stealth_finger]

*knock knock*

Hi I have a large delivery of cream here, you'd better get it in the fridge quick it's starting to get warm and sticky.

Really, plaintext passwords?

[Anonymous Coward]

In all these years the message hasn't gotten out that no website has any need or business or excuse to be storing plaintext passwords???

Re:

[JcMorin]

It's almost criminal...

Re:

[v1]

While I'm not a fan of the "we need to have a law for everything" mentality, this I could make an exception for. Storage of password in plain or recoverable formay should consitute criminal neglegence. Site operators have NO legitimate need to keep plaintext passwords, and expose users to that risk without warning. Imagine if they did give warning?

Creating new account. Enter username and password below. (note: your password will be stored in plaintext)

hell no?

Re:Really, plaintext passwords?

[hey!]

In all these years the message hasn't gotten out that no website has any need or business or excuse to be storing plaintext passwords???

I wouldn't be surprised. There's an awful lot of stuff you need to know, it's easy to underestimate if you've learned it gradually, over "all these years".

Having teenagers myself, I think their education is much better than mine ever was; and of course they have young and agile brains that absorb new information really, really well. But I wonder how the ones going into software are supposed to get to know all the things I've learned over forty years of working with software. Back in the day if you'd read a handful of important books like The Unix Programming Environment, The Art of Computer Programming, Software Tools in C etc you were in-the-know, especially if you had a subscription to Byte and Dr. Dobbs. You could take a few months off and learn the whole shmeer. Of course today you'd add Applied Cryptography to the canon... but still, could you do that today? Is there a software canon someone could study and be ready to go?

We're looking at colleges now, and nowhere on the computer science curriculum is there a course on "Stuff You're Really Expected to Know." You're supposed to pick that stuff up. Either the engineering departments look just like they did forty years ago, or they've gone radically interdisciplinary, an approach that in general I endorse. But either way, there is no way to tell that someone knows all the stuff he ought to know to develop software.

I'm not big on certifications; perhaps my long life history with software has jaded me; I've seen too many people who've collected commercial certifications that aren't worth a damn because it just shows they can parrot back information; they don't necessarily understand anything. But a basic "fit for service" certification is one that I could get behind.

Dates...

[Brian Cothran]

I happened to check when these 928,072 entries were from on vigilante.pw. And they show it from April of 2013. This seems to be from a dump over 3 years ago. I think that should be in the news article....

Re:Dates...

[Ecuador]

Good catch! We shouldn't worry the /.ers who only became members of Brazzers after April 2013.

Re:

[ls671]

Good, my 18th birthday was on May 2013 so I have never watched porn before that.

Re:

[110010001000]

I subscribe continuously to mine.

why would anyone buy/sign-up for porn now?

[sittingnut]

unless ones tastes are very niche specific and peculiar, almost all the popular porn is freely available in quantities larger than anyone can consume.
so if one is not a pirate freeing all that for others, no point in buying anything at all, or even giving info to obtain access.

Re:

[PsychoSlashDot]

unless ones tastes are very niche specific and peculiar, almost all the popular porn is freely available in quantities larger than anyone can consume. so if one is not a pirate freeing all that for others, no point in buying anything at all, or even giving info to obtain access.

Much like any other form of art, some people feel that compensating creators and participants is a decent and honorable thing to do. Availability isn't everything. Patronage is a thing, even in porn.

Embarrasment factor

[PPH]

When your name is published and your friends and neighbors realize you actually pay for online porn.

Honestly, who cares?

[Anonymous Coward]

Unless you're in a country/area where this is illegal, who the f*ck cares? My wife knows I look at porn from time to time, we have friends whose wives openly joke about their husbands looking at porn. Any woman who thinks their husband doesn't want to see other boob's is living in a fantasy land. Any man who thinks their wife eyes don't occasionally linger on a younger, ripped man is equally deluded. A few thousand years of religion and social mores is not going to undo two million+ years of biology. Be

Re:

[Andtalath]

Also, most women also look at porn =P

my top question is:

[Anonymous Coward]

Why vBulletin for a public site like this? Seriously?? It's plagued with security holes, both known and unknown. I'd barely consider running it on a private network.