Sloppy security measures at mega skin site YouPorn have exposed 6433 user emails and passwords. The email addresses in particular indicate you should never use your actual information to register to watch free porn. Naked Security explains how anonymous (note lower case “A”) hackers knocked this fat fastball of compromised data right into a public Pastebin file for all to see:
Unlike the recent Brazzers porn site hack, however, sloppy practices are being blamed for the YouPorn incident, with debug data about users seemingly being stored in a public fashion since 2007.
Because what people think about first and foremost when visiting a porn site is absolutely rock-solid security.
The breached data contains clearly identifiable email addresses that lead to individuals and institutions, such as two instances of someone using a Messiah College email–Messiah is an explicitly Christian institution that promotes “character and Christian faith” in students “in preparation for lives of service.” Another series of logins appear to track back to a former student athlete at Alvernia University, which educates students “in the Franciscan tradition.” Adults are free to visit legal porn sites, but the institutions in question might have an issue with their names being anywhere near the user database.
On a much more serious note, Naked Security points out that the hacked data can lead to what amounts to identity theft: “if your YouPorn password is now known, hackers might try that same password against your email address, your PayPal account, your Amazon account, and all many of other online resources.”
Follow Steve Huff via RSS. email@example.com