The Hacking of Pornhub Is a Ticking Time Bomb. As 2025 comes to an end, the cybersecurity world is facing an unprecedented hack. The target is Pornhub, a giant of the global pornography industry.
A few days ago, hackers managed to exfiltrate data belonging to 100 million registered users of the platform. The theft of this sensitive information, confirmed by Pornhub, could have extremely serious consequences for some members.
What Pornhub Represents on the Global Web
Pornhub hosts millions of pornographic videos and claims around 100 million visits per day. It consistently ranks among the world’s 20 to 30 most visited websites.
The platform can be accessed for free without registration. However, users who create an account and pay for a Premium subscription (around 10 Swiss francs per month) gain access to more content, higher-quality videos, and an ad-free experience.
A Cyber Attack on PornHub Carried Out via a Third Party
The hacking of PornHub was reportedly carried out by a group calling itself “Scattered Lapsus$ Hunters,” linked to another group known as ShinyHunters. The hackers claimed responsibility for stealing data belonging to Pornhub members.
Pornhub quickly confirmed the incident. The company stated that a cybersecurity breach involving a third-party analytics service provider had impacted some Pornhub Premium users. The platform stressed that the incident affected only certain Premium users.
Pornhub also sought to reassure users, stating that this was not a breach of Pornhub’s own systems. Passwords, payment details, and financial information were not exposed.
Mixpanel Used as a Trojan Horse
The compromised third-party provider was Mixpanel, a company that supplies thousands of websites with user behaviour analytics. This includes data on where users click, when they interact, and what devices they use.
Hackers exploited Mixpanel as a Trojan horse to access Pornhub-related data. According to the cybersecurity website BleepingComputer, ShinyHunters stole 94 gigabytes of data.
This data reportedly contains more than 201 million records of historical activity, including searches, viewing habits, and downloads by Pornhub Premium members. The information includes email addresses, activity types, locations, video URLs, video titles, and associated keywords.
Parallels With the Ashley Madison Hack
If this data is made public, the identities of millions of Pornhub users could be exposed, along with their private search histories.
Steven Meyer, director of the Geneva-based cybersecurity company ZENDATA, compares the incident to the Ashley Madison hack in 2015. After user data from that infidelity dating site was leaked, some individuals reportedly took their own lives.
According to Meyer, the consequences of the Pornhub breach could also be extremely serious. He notes that search history data is particularly problematic. In some countries, certain sexual orientations are illegal, meaning exposed searches could put users at risk.
He also points out that Premium users are likely heavy users of the platform and may have made highly compromising searches.
Confusion Around the Age of the Data
There is uncertainty about how old the stolen data is. Pornhub claims it stopped using Mixpanel in 2021, while Mixpanel denies that the data originated from its systems.
This lack of clarity is troubling for both consumers and the wider tech industry. Many platforms depend heavily on interconnected service providers.
Data Disclosure Seen as Inevitable
Steven Meyer believes the risks for Pornhub Premium subscribers are extremely high. He does not expect Pornhub to pay the ransom demanded by the hackers.
He believes the data will eventually become public in some form.
Cybersecurity firm Eye World says the incident reflects a broader shift in cybercrime tactics. Hackers increasingly target data with emotional or reputational value rather than purely financial assets.
Medical records, private messages, and browsing habits are now as valuable as financial data. Attackers exploit fear of disclosure by threatening to release information instead of disrupting services.
The conclusion is clear: platforms must implement stricter internal access controls.
An Ongoing Threat for Users
For Pornhub Premium users, the threat now hangs permanently overhead. The potential release of this data represents a long-term personal and reputational risk.
Ironically, cybercrime itself is increasingly discussed at major global forums. This incident highlights how deeply personal data has become a central target in modern digital warfare.
