Hackers have exposed the email addresses, usernames and passwords of nearly 800,000 users of the porn site Brazzers.
The data was stolen from an associated forum where people discussed their favourite positions and performers.
Troy Hunt, a security research who helped Motherboard verify the data, tweeted:
While the data came from Brazzersforum, Motherboard reported that it also exposed some users who had only signed up to Brazzers itself.
A spokesperson for Brazzers told the site: “This matches an incident which occurred in 2012 with our ‘Brazzersforum,’ which was managed by a third party. The incident occurred because of a vulnerability in the said third party software, the ‘vBulletin’ software, and not Brazzers itself.
“That being said, users’ accounts were shared between Brazzers and the ‘Brazzersforum’ which was created for user convenience. That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users.”
Brazzersforum was closed after data from the breach started circulating, the BBC reported.
The spokesperson added that non-active accounts in the list had been banned in case the usernames and passwords were reused in the future.
Hunt said that hackers had exploited vulnerabilities in the third party vBulletin software which was used to maintain the forum.
He told Motherboard: “We’ve seen a real spate of vBulletin breaches where the software had been left pretty much unattended and unloved.”
In July, Pornhub requested that ethical hackers attempt to break into its systems in an attempt to pinpoint security flaws.