The hacker group Scattered Lapsus$ Hunters, which includes members of the gang known as the ShinyHunters, claims to have stolen the personal information of premium members of porn site Pornhub and is attempting to extort the site.
On Friday, Pornhub acknowledged that it was among several companies affected by a previous breach at widely used web and mobile analytics provider Mixpanel that exposed unspecified “analytics events” for some Pornhub Premium users.
On Monday, Bleeping Computer reported that it had seen a sample of stolen Pornhub data. This included personal information related to PornHub Premium members, such as registered email addresses and locations. Type of activity, such as videos and channels watched (including video name and web address). Keywords associated with the video. Date and time the event was recorded.
Mixpanel CEO Jen Taylor did not respond to TechCrunch's request for comment. A Pornhub spokesperson, who declined to give his full name, did not respond to TechCrunch's questions about the incident, instead referring the company to a statement it released.
A spokesperson for the ShinyHunters gang told TechCrunch that the hackers have only sent extortion emails to Pornhub so far, declining to say how many other companies were involved in the Mixpanel incident.
Just before the U.S. Thanksgiving holiday, Mixpanel disclosed a breach it discovered on Nov. 8 that affected its business customers, but did not say which customers were affected and how. OpenAI later acknowledged that it was one of its affected customers, along with CoinTracker and SwissBorg.
According to Mixpanel's website, the company has about 8,000 customers, each with potentially millions of users whose data was exposed in the breach.
Contact Us Do you have more information about the Mixpanel breach? What companies were affected? You can contact Lorenzo Franceschi-Bicchierai securely from a non-work device on Signal (+1 917 257 1382) or on Telegram and Keybase @lorenzofb or by email.
The type of data stolen can vary depending on how each customer has configured their Mixpanel account to collect data.
Companies commonly use Mixpanel to track what users do on their sites and apps. It's the equivalent of app developers and website owners looking over their users' shoulders and understanding what they click, view, or swipe. Mixpanel can also log information about your device, such as the size of your screen, whether it's connected to Wi-Fi or a cellular network, and the name of your carrier.
Scattered Lapsus$ Hunters is a coalition of primarily English-speaking hackers believed to be located in Western countries. The hacker has a long history of data breaches and is responsible for some of the year's biggest hacks that affected hundreds of companies, including data thefts targeting Salesforce and Gainsight customers.
Also on Friday, SoundCloud confirmed that about 20% of its users were affected by “unauthorized activity on the auxiliary services dashboard,” likely referring to Mixpanel. The audio streaming giant said the stolen data included email addresses and “information already displayed on public SoundCloud profiles.”
SoundCloud did not respond to TechCrunch's request for comment.