A hacking group known as Scattered Lapsus$ Hunters, which includes members of the gang ShinyHunters, claims it is attempting to extort the porn site Pornhub. The group says it has stolen personal information belonging to the website’s premium members.
Pornhub confirmed on Friday that it was among several companies affected by an earlier breach at the widely used analytics provider Mixpanel. That breach exposed unspecified “analytics events” of some Pornhub Premium users. According to a report on Monday, a sample of the stolen Pornhub data included personal information associated with Premium members. This included registered email addresses, locations, and detailed activity logs. The logs showed which videos and channels users watched, including video names and web addresses, associated keywords, and the date and time each event was recorded.
Mixpanel’s chief executive did not respond to a request for comment. A Pornhub spokesperson did not answer specific questions about the incident, referring instead to the company’s published statement. A spokesperson for the ShinyHunters gang stated that extortion emails have so far only been sent to Pornhub and declined to say how many other companies were part of the Mixpanel incident.
Mixpanel revealed the breach right before the U.S. Thanksgiving holiday, stating it was discovered on November 8 and affected corporate customers. The company did not name the affected customers or specify how they were impacted. OpenAI, CoinTracker, and SwissBorg have since confirmed they were among the affected customers. According to Mixpanel’s website, the company has around 8,000 customers, each potentially having millions of users whose data was taken.
The type of data stolen likely depends on how each customer configured their Mixpanel account. Companies typically use Mixpanel to track user behavior on their sites or apps, recording clicks, views, and other interactions. Mixpanel can also log information about a user’s device, such as screen size, network type, and cellular carrier.
Scattered Lapsus$ Hunters is a coalition of primarily English-speaking hackers believed to be based in Western countries. The group has a long history of data breaches and is responsible for some of the largest hacks this year, including major data thefts targeting Salesforce and Gainsight customers, which affected hundreds of companies.
Also on Friday, SoundCloud confirmed that about twenty percent of its users were affected by unauthorized activity in an ancillary service dashboard, likely referring to Mixpanel. The audio streaming company said the stolen data includes email addresses and information already visible on public SoundCloud profiles. SoundCloud did not respond to a request for comment.