Hackers are reportedly selling 380,000 hacked xHamster account details

By midian182 ยท 4 replies
Nov 30, 2016
Post New Reply
  1. If you can’t trust a porn site to keep your personal details safe, then who can you trust? Yes, it seems that yet another adult entertainment company has leaked its members’ information all over the web. Two months ago it was Brazzers; now it's claimed that xHamster has been caught with its virtual pants down.

    According to a report by Motherboard, breach notification site LeakBase has revealed that 380,000 users were affected by the hack, which has resulted in credentials, including usernames, email addresses, and “poorly hashed” passwords, being traded on the digital underground.

    xHamster doesn’t require viewers to create accounts, but those who do can post comments, create personal collections, and upload their own videos. While that 380,000 figure does sound like a lot, the site claims to have 12 million members.

    The report adds that 40 of the email addresses in the database belong to the US Army, and 30 are related to various US, UK, and other countries’ government bodies.

    It’s not clear exactly when the breach took place, but the information was being traded at around the same time an anonymous hacker found a vulnerability in xHamster earlier this year. Exactly how the hacker or hackers got all the details is unclear.

    “The passwords of all xHamster users are properly encrypted, so it is almost impossible to hack them. Thus, all the passwords are safe and the users data secured,” a spokesperson for the company said. However, Motherboard says the site uses the outdated MD5 hashing algorithm, which hackers can easily crack.

    Responding to the Motherboard report, xHamster claims no hack took place. "The only way to respond to this news is to coin a new term: 'Fhack.' A fhack is best defined as a fake hack. There was a failed attempt to hack our database which occurred 4 years ago. The integrity of our user data is secure. Passwords are encrypted and impossible to hack. In short, this was a successful fhack; and a failed hack."

    When asked how xHamster's user emails found their way into the hands of data traders, the site said: "We cannot validate that the emails are real and we don't believe that this is a genuine database." Strangely, Motherboard said it has independently verified the leaked email addresses and usernames.

    Permalink to story.

  2. Bigtruckseries

    Bigtruckseries TS Evangelist Posts: 583   +318

    YES, I use xhamster. But I was very careful not to put any "real" information on it that could be linked to myself. Videos starring my girlfriend, my X and myself have no "faces" or "heads" or geotags. So I'm completely untouchable.

    People should already know that these sites are hackable after what happened o'er at Ashley Madison.

    Even if they did manage to figure out which videos we're in, it will only make my status increase since I did a damn good job in those clips.
  3. Uncle Al

    Uncle Al TS Evangelist Posts: 3,350   +1,999

    Yeah .... I always use my neighbors credentials on those web sites .... he's 90 and blind so he's not loosing anything .... that he knows of! LOL
  4. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,274

    I remember that site but I woulda though it would've ceased to exist long ago. If memory serves me correctly, all their videos made old Charlie Chaplin movies look like they were recorded in 4K. 144p was the best quality one could get.
  5. Camikazi

    Camikazi TS Evangelist Posts: 925   +284

    Yeah, keep thinking the server doesn't keep track of you, bad info or not. Someone knows and anyone who watches might notice something they recognize and find you, you are never untouchable on the internet.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...