The hacking group Scattered Lapsus$ Hunters, which includes members of a gang known as ShinyHunters, said it is attempting to extort porn site Pornhub, after claiming to have stolen personal information belonging to the website’s premium members.
On Friday, Pornhub confirmed it was among several companies affected by an earlier breach at the widely used web and mobile analytics provider Mixpanel, which exposed unspecified “analytics events” of some Pornhub Premium users.
On Monday, Bleeping Computer reported seeing a sample of the stolen Pornhub data, which included personal information associated with PornHub Premium members, including their registered email addresses and location; activity type, such as which videos and channels they watched, including the video name and web address; keywords associated with the video; and the date and time that the event was recorded.
Mixpanel chief executive Jen Taylor did not respond to TechCrunch’s request for comment. A Pornhub spokesperson, who did not provide their full name, did not answer questions sent by TechCrunch about the incident, referring us instead to the company’s published statement.
A spokesperson for the ShinyHunters gang told TechCrunch that the hackers have sent an extortion email only to Pornhub so far, and declined to say how many other companies were part of the Mixpanel incident.
Right before the U.S. holiday of Thanksgiving, Mixpanel revealed a breach that it discovered on November 8, which affected its corporate customers, without saying which ones, nor how they were affected. OpenAI later confirmed it was one of those affected customers, as well as CoinTracker and SwissBorg.
According to Mixpanel’s website, the company has around 8,000 customers, with each customer having potentially millions of users whose data was taken in the breach.
Contact Us Do you have more information about the Mixpanel breach? Such as what companies were affected? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or . Do you have more information about the Mixpanel breach? Such as what companies were affected? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email
The type of data stolen likely depends on how each customer configured their Mixpanel account to collect data.
Generally speaking, companies use Mixpanel to track what their users do on their site or apps, similar to an app developer or website owner watching over a user’s shoulder to learn what they click, view, or swipe. Mixpanel can also log information about the user’s devices, such as the size of the screen, whether they are on Wi-Fi or a cellular network, and the name of the carrier, among other data.
... continue reading