Enhanced security measures at Pornhub following attempts to extort Premium user data

Pornhub, a pornographic content platform, was involved in a cybersecurity incident. In mid-December 2025, a group of cybercriminals announced that they had illegally obtained personal information from Premium subscribers. The incident occurred amid concerns about the safeguarding of personal data and the dependence of large digital platforms on external providers for the analysis and management of sensitive information.

During the incident, the group known as ShinyHunters claimed to have stolen a large number of records related to Premium user activity, including email addresses, search and viewing histories, keywords, and timestamps. Although no passwords or financial data were compromised, the nature of the stolen information is particularly sensitive due to the type of content associated with it. The attackers allegedly attempted to extort the company, threatening to publish the data if their financial demands were not met. Pornhub acknowledged the existence of a security incident related to an external provider and alerted affected users to possible attempts at fraud or sextortion, reminding them that the company does not request confidential information by email.

As for the current status of the incident, the situation remains under investigation and evaluation, with no public confirmation that the data has been widely disseminated or that any ransom has been paid. The company has focused its efforts on informing users, mitigating risks, and strengthening security measures and third-party oversight.