Login details for 800,000 Brazzers users leaked

The email addresses and passwords of approximately 800,000 users of adult website Brazzers have been found online by breach-monitoring site vigilante.pw.

The leaked data matches data that was compromised in a breach of ‘Brazzersforum’ back in 2012. It’s not clear why it’s taken four years for this data to become public.

A Brazzers spokesperson said:

“This matches an incident which occurred in 2012 with our ‘Brazzersforum,’ which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the ‘vBulletin’ software, and not Brazzers itself.

“That being said, users’ accounts were shared between Brazzers and the ‘Brazzersforum’ which was created for user convenience. That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users.”.

vBulletin, again

vBulletin has been mentioned in many breaches lately, mostly because it has multiple holes that leak data when the software is incorrectly maintained and updated.

Troy Hunt, the founder of haveibeenpwned.com, recently posted a lengthy piece on vBulletin, and it’s a must-read for those who use the software.

Penetration (security) testing

Regularly conducting penetration tests is fundamental for ensuring that an organisation’s networks and applications are secure.

If you’d like to learn about penetration tests and how they can reduce your cyber risk, I invite you to download our free green paper ‘Assured Security: Getting cyber secure with penetration testing‘.