xHamster users might want to take a break from watching porn and update their passwords right about now as hackers have leaked thousands of porn account login credentials on the internet.
Subscription-based breach notification service LeakBase has shared a hefty list of compromised login details from the popular pornographic portal, including usernames, email addresses and poorly-hashed passwords, Motherboard reports.
The attack has affected nearly 380,000 users, whose credentials were openly being traded on the digital underground. The database purportedly contains some 40 email addresses belonging to the US Army as well as 30 accounts related to various government bodies – including the UK and the US.
The report makes no mention of when the attack originally took places, but the data was being auctioned off at around the same time an anonymous hacker found a vulnerability in xHamster earlier this year. It remains unclear how the attackers seized a copy of the dataset, but it likely had to do with poor security measures taken by the users.
“The passwords of all xHamster users are properly encrypted, so it is almost impossible to hack them. Thus, all the passwords are safe and the users data secured,” a spokesperson for the company said.
But according to a LeakBase representative, xHamster used a “trivial and easy to crack” MD5 encrpytion algorithm to hash the passwords. “The fact they think the hashes are secure is a blatant example of the faulty security placed in companies even to this day.”
This isn’t the first time a porn service has fallen victim to hackers. Earlier this year, X-rated titan Brazzers disclosed that back in 2012 the porn studio suffered a massive breach, which put the personal details of approximately 800,000 users at risk.
In case you frequent xHamster, now’s the time to open incognito mode and swiftly freshen up your login credentials – and don’t forget to also run a quick check-up on Have I Been Pwned to make sure none of your other porn accounts have been hacked.
via TechCrunch
Get the TNW newsletter
Get the most important tech news in your inbox each week.