The official count on stolen credentials from Brazzers websites is 928,072 accounts, though Motherboard has it that, accounting for duplicates, the real number sits at 790,724 accounts (as per Vice). That’s the number of email addresses that were retrieved by security monitoring firm Vigilante, though the leaked data is also said to contain plain-text passwords and usernames associated with those emails.
The only silver lining to all this is that it’s likely that the data is old. In a statement, a Brazzers spokesperson claimed that the data appears to match a breach that occurred in 2012. That means that as long as you have changed your details since then, you’re likely absolutely fine.
Of course it never hurts to check. Sites like HaveIBeenPwnd can let you know if your email was caught up in a leak of account data from one of a number of major hacks in recent years.
Related: Did you get a bunch of emails from Variety this weekend? OurMine is to blame
Despite claiming that it’s an old hack, Brazzers isn’t taking any chances and has shut down the forum temporarily while it investigates for any potential new breach in its security.
It’s not clear at this time whether the passwords were stored in plain text, or were simply easy to decipher, but either way Brazzers is likely to be dragged over the coals for this. Plain text or weakly encrypted passwords represent a distinct vulnerability in security for site users, something that — especially for a pornography site — should be a priority for administrators.
That goes especially for those running forums. A porn site account might be hard enough to explain (in some circles), but having your private thoughts on such a forum linked with your email and real name could well lead to disaster.
