**Pornhub Users' Viewing History Hacked - What You Need to Know**
Pornhub, one of the world's most popular adult content websites, has been hit by a massive data breach that has compromised the viewing history of millions of users.
The notorious cybercriminal gang ShinyHunters claims to have stolen 200 million pieces of personal information, including email addresses, location data, and the titles and links of videos viewed by Pornhub customers. At least three former Pornhub users have confirmed that their data was compromised, although it is several years old.
Pornhub has insisted that no passwords, payment details, or financial information have been stolen in the attack. The company claims that the data was stolen via a third-party data analytics provider, Mixpanel, which was used to collect user data and track viewing habits.
However, Pornhub stopped working with Mixpanel in 2021, and the company has denied any involvement in the breach. ShinyHunters is demanding a ransom payment in bitcoin to prevent the publication of the stolen data and delete it from their systems.
**What Happened?**
The breach was discovered on November 27, when cybersecurity firm Sophos reported that Mixpanel had disclosed a cybersecurity incident. Pornhub has since confirmed that the leak affects Premium users only and that they are working to establish the scope of the breach.
According to Pornhub, the unauthorised party was able to use their access to extract a limited set of analytics events for some users, including video viewing history, search history, and timestamps. Graeme Stewart, head of public sector at cybersecurity company Check Point Software, said that the breach exposes not passwords or payment details, but behaviour - "the kind of data people assume disappears but often sits quietly in analytics systems for years".
**What Should You Do?**
If you are a Pornhub Premium user and have reason to believe your data may be compromised, it is essential to remain vigilant. Pornhub advises users to monitor their accounts for any suspicious emails or unusual activity.
According to Brian Higgins, security specialist at Comparitech, "it's only pre-2023 PornHub Premium customers who need to be on their guard in this instance." However, he also warns that the email you receive from hackers claiming to have your information may not be genuine. "The huge numbers quoted in data breaches these days only help to fuel the fear, uncertainty and doubt that criminal organisations rely on to mount successful post-breach extortion campaigns," he said.
**How to Check if You Have Been Hacked**
There is currently no sign that the data has been leaked online, according to Sophos. However, ShinyHunters claims to have 94GB of data, suggesting that the leak may be substantial.
Users can take the following steps to check if they have been hacked:
- Monitor your Pornhub account for any suspicious emails or unusual activity
- Check your email inbox and spam folder for any messages from Pornhub or ShinyHunters
- Use a reputable antivirus software to scan your device for malware
**The Risks of Data Breaches**
The sensitive nature of the data stolen in this breach makes it highly valuable to hackers. "This is highly emotive content because people reasonably expect their use of adult sites to remain private," said Graeme Stewart.
According to Stewart, if this follows established patterns, the next step will be attempted extortion of Pornhub and any third-party providers involved. After that, individuals themselves become the target.
The parallels with the Ashley Madison hack are clear. The breach raises concerns about the Online Safety Act, which compels UK users of adult sites to use age-verification systems. This may lead to private data leaking online, as warned by privacy advocates earlier this year.