Hacking group 'ShinyHunters' threatens to expose premium users of sex site Pornhub

Hacking Group Claims to Have Stolen Data from Pornhub

A hacking group known as "ShinyHunters" has claimed to have stolen data from premium customers of the popular adult content website Pornhub. The group announced on Tuesday that they are threatening to release the data unless a ransom is paid in Bitcoin.

Although the exact scope and details of the breach could not be immediately verified, ShinyHunters provided a sample of the data, which was partially authenticated by the news agency. At least three former Pornhub customers — two men in Canada and one in the United States — confirmed to the news agency that the data related to them was authentic, though it dates back several years. These individuals spoke under the condition of anonymity due to the sensitive nature of the issue.

"We’re demanding a ransom payment in Bitcoin to prevent the publication of [Pornhub] data and delete the data," ShinyHunters stated in an online chat with the news agency.

Pornhub and its corporate owners, Ethical Capital Partners based in Ottawa, Canada, did not respond to messages. The breach was initially reported by cybersecurity news site Bleeping Computer.

Pornhub, one of the most visited websites for adult content, claims over 100 million daily visits and 36 billion annual visits. It is particularly known for its video content, much of which is available for free.

ShinyHunters shared data from what it claimed were 14 users of Pornhub’s premium service, which includes high-definition videos, ad-free viewing, and virtual reality features. DISCOVERTREND was able to match the details of six people in the ShinyHunters’ data to information previously leaked online and preserved by the dark web intelligence firm District 4 Labs. Three of the affected individuals confirmed to DISCOVERTREND that they had, at some point, been signed up for Pornhub’s premium service.

The news agency could not immediately determine how ShinyHunters obtained the data. The group also declined to provide further details about the breach.

On December 12, Pornhub released a statement regarding a recent cybersecurity incident involving third-party data analytics provider Mixpanel. The statement mentioned that the incident involved an undisclosed number of Pornhub Premium users and occurred within Mixpanel’s environment, affecting a "limited set of analytics events for some users."

Mixpanel, which provides detailed insights into user data and activities for its clients, disclosed a cybersecurity incident on November 27. In a statement provided to DISCOVERTREND on Tuesday, the company said it was aware of Pornhub’s statement but found no indication that the data was stolen from its November 2025 security incident or otherwise.

According to the statement, Pornhub’s data with Mixpanel was last accessed by "a legitimate employee account at Pornhub’s parent company in 2023." If this data is in the hands of an unauthorized party, the company does not believe it resulted from a security incident at Mixpanel.

ShinyHunters claimed the data was connected to the recent Mixpanel incident. However, Mixpanel denied this claim, stating that it conducted a thorough investigation with external cybersecurity experts and notified all affected clients.

"We are confident Pornhub was not among those clients and that this data is unrelated to the November incident," a spokesperson for the company said in an email.

ShinyHunters is a well-known hacking group associated with several high-profile hacks and extortion attempts in recent months, including data breaches involving customers of Salesforce and luxury retailers in the U.K.