ShinyHunters group accesses 200m Pornhub users' search histories
News18 Dec 2025
Cyber extortion group ShinyHunters has reportedly gained access to the sensitive personal information and search histories of more than 200 million premium subscribers of adult video platform Pornhub after breaching third-party analytics platform Mixpanel.
Cyber extortion group ShinyHunters has reportedly gained access to the sensitive personal information and search histories of more than 200 million premium subscribers of adult video platform Pornhub after breaching third-party analytics platform Mixpanel.
The financially-motivated hacker group, active since at least 2020, confirmed to multiple publications this week that it gained access to 94 gigabytes of data associated with approximately 201 million Pornhub users, all of whom have paid subscriptions.
The compromised information includes Pornhub premium subscribers’ email addresses, locations, videos watches, search histories and timestamps. ShinyHunters is allegedly pressing the adult content platform to pay a ransom in Bitcoin to prevent the sensitive and private information from going public.
Pornhub said in a statement last week that the breach occurred after hackers carried out an SMS-based phishing attack on 8th November to gained access to the systems of third-party data analytics platform Mixpanel.
The adult video platform went on to say that the data security breach did not impact its customers’ passwords, payment details or financial information and that the stolen data was several years old as it has not worked with Mixpanel since 2021.
In a published press statement, Mixpanel said it detected a smishing attack on its systems on 8th November and promptly revoked all active sessions, blocked malicious IP addresses, and secured affected accounts to prevent hackers from gaining access to its clients’ data.
“We took comprehensive steps to contain and eradicate unauthorised access and secure impacted user accounts. We engaged external cybersecurity partners to remediate and respond to the incident,” the company said.
Mixpanel has, however, disputed Pornhub’s statement that the recent breach of the latter’s premium subscribers’ data occurred due to the cyber attack on Mixpanel systems.
“The data was last accessed by a legitimate employee account at Pornhub’s parent company in 2023,” the company told BleepingComputer. "If this data is in the hands of an unauthorised party, we do not believe that is the result of a security incident at Mixpanel.”
The financially-motivated hacker group, active since at least 2020, confirmed to multiple publications this week that it gained access to 94 gigabytes of data associated with approximately 201 million Pornhub users, all of whom have paid subscriptions.
The compromised information includes Pornhub premium subscribers’ email addresses, locations, videos watches, search histories and timestamps. ShinyHunters is allegedly pressing the adult content platform to pay a ransom in Bitcoin to prevent the sensitive and private information from going public.
Pornhub said in a statement last week that the breach occurred after hackers carried out an SMS-based phishing attack on 8th November to gained access to the systems of third-party data analytics platform Mixpanel.
The adult video platform went on to say that the data security breach did not impact its customers’ passwords, payment details or financial information and that the stolen data was several years old as it has not worked with Mixpanel since 2021.
In a published press statement, Mixpanel said it detected a smishing attack on its systems on 8th November and promptly revoked all active sessions, blocked malicious IP addresses, and secured affected accounts to prevent hackers from gaining access to its clients’ data.
“We took comprehensive steps to contain and eradicate unauthorised access and secure impacted user accounts. We engaged external cybersecurity partners to remediate and respond to the incident,” the company said.
Mixpanel has, however, disputed Pornhub’s statement that the recent breach of the latter’s premium subscribers’ data occurred due to the cyber attack on Mixpanel systems.
“The data was last accessed by a legitimate employee account at Pornhub’s parent company in 2023,” the company told BleepingComputer. "If this data is in the hands of an unauthorised party, we do not believe that is the result of a security incident at Mixpanel.”
Related Articles
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543