Pornhub is facing a significant data breach, with the hacking group ShinyHunters claiming to have stolen 94GB of user data affecting over 200 million records and demanding a Bitcoin ransom.
Pornhub is grappling with the aftermath of a massive data leak, as the hacking group ShinyHunters has claimed responsibility for stealing 94GB of user data. This breach reportedly affects more than 200 million records, and the group is now attempting to extort the company for a ransom in Bitcoin.
According to reports from BleepingComputer, ShinyHunters has threatened to publish the stolen data if their demands are not met. Pornhub has acknowledged the situation but insists that its core systems were not compromised during the breach.
The exposed data primarily pertains to Pornhub Premium users. While no financial information was included, the dataset contains sensitive activity details that raise serious privacy concerns. The hackers claim that the stolen records include activity logs that indicate whether users watched or downloaded videos or viewed specific channels. Additionally, search histories are part of the compromised data, heightening the potential privacy risks if this information is made public.
This breach appears to be linked to a previous security incident involving Mixpanel, a data analytics vendor that had worked with Pornhub. That earlier incident occurred in November 2025, following a smishing attack that allowed threat actors access to Mixpanel’s systems. However, Mixpanel has stated that it does not believe the data stolen from Pornhub originated from that incident. The company has found no evidence that Pornhub data was taken during its November breach. Furthermore, Pornhub clarified that it ceased its relationship with Mixpanel in 2021, suggesting that the stolen data may be several years old.
To verify the claims, Reuters reached out to some Pornhub users, who confirmed that the data associated with their accounts was accurate but outdated, consistent with the timeline provided by Mixpanel.
In response to the reports, Pornhub has moved quickly to reassure its users. In a security notice, the company stated, “This was not a breach of Pornhub Premium’s systems. Passwords, payment details, and financial information remain secure and were not exposed.” This clarification helps to mitigate the immediate risk of financial fraud; however, the exposure of viewing habits and search activity still poses long-term privacy risks.
ShinyHunters has been linked to several high-profile data breaches this year, employing social engineering tactics such as phishing and smishing to infiltrate corporate systems. Once inside, the group typically steals large datasets and uses extortion threats to coerce companies into paying ransoms. This strategy has impacted businesses and users globally.
Pornhub has updated its online statement to alert Premium members about potential direct contact from cybercriminals. In cases involving adult platforms, such outreach often escalates into sextortion attempts, where criminals threaten to expose private activities unless victims comply with their demands. The company advised users, “We are aware that the individuals responsible for this incident have threatened to contact impacted Pornhub Premium users directly. You may therefore receive emails claiming they have your personal information. As a reminder, we will never ask for your password or payment information by email.”
As one of the world’s most visited adult video platforms, Pornhub allows users to view content anonymously or create accounts to upload and interact with videos. Even though the stolen data is several years old, users are encouraged to take this opportunity to enhance their digital security.
To bolster security, users should start by updating their Pornhub passwords. It is also advisable to change the passwords for any email or payment accounts linked to Pornhub. Utilizing a password manager can simplify the process of creating and storing strong, unique passwords.
Additionally, users should check if their email addresses have been exposed in previous breaches. A reliable password manager often includes a built-in breach scanner that alerts users if their email addresses or passwords have appeared in known leaks. If a match is found, it is crucial to change any reused passwords and secure those accounts with new, unique credentials.
Data breaches frequently lead to follow-up scams. Users should remain cautious of emails, texts, or phone calls referencing Pornhub or account issues. It is essential to avoid clicking on links, downloading attachments, or sharing personal information unless the source can be verified. Installing robust antivirus software adds another layer of protection against malicious links and downloads.
Data removal services can assist in removing personal information from data broker websites that collect and sell details such as email addresses, locations, and online identifiers. If leaked data from this breach is shared or resold, removing personal information can make it more challenging for scammers to connect it to individuals.
Identity theft protection companies can monitor personal information, such as Social Security Numbers, phone numbers, and email addresses, alerting users if their data is being sold on the dark web or used to open accounts. Early warnings can help mitigate damage if personal data surfaces.
Using a VPN can help protect browsing activity by masking IP addresses and encrypting internet traffic, which is particularly relevant in cases like this, where exposed activity data may include location signals or usage patterns. While a VPN cannot erase past exposure, it reduces the visibility of new information and complicates the linking of future activity to individuals.
The recent data leak at Pornhub underscores the risks associated with long-stored user information. Although passwords and payment details were not compromised, the exposure of activity data can still have damaging consequences. ShinyHunters has demonstrated a willingness to exert pressure through public threats, highlighting the importance of remaining vigilant and proactive about online security.
Should companies be allowed to retain years of user activity data once it is no longer necessary? This question remains open for discussion as the implications of such data storage continue to unfold. For further insights, readers can visit CyberGuy.com.