The hacking group Scattered Lapsus$ Hunters, which includes members of a gang known as ShinyHunters, said it is trying to extort money from porn site Pornhub by claiming to have stolen personal information belonging to the site's premium members.
On Friday, Pornhub confirmed it was among several companies affected by an earlier hack in widely used web and mobile analytics provider Mixpanel.which identified unspecified “analytics events” of some Pornhub Premium users.
On Monday “beeping computer” reported viewing a sample of stolen Pornhub data, which included personal information associated with Pornhub Premium members, including their registered email addresses and location; activity type, such as what videos and channels they watched, including video title and web address; keywords related to the video; and the date and time the event was recorded.
Mixpanel chief executive Jen Taylor did not respond to TechCrunch's request for comment. A Pornhub spokesperson, who did not give his full name, did not respond to TechCrunch's questions about the incident, instead referring us to the company's published statement.
A spokesperson for the ShinyHunters gang told TechCrunch that the hackers have only sent the extortion email to Pornhub so far, and declined to say how many other companies were involved in the Mixpanel incident.
Right before the Thanksgiving holiday in the US, Mixpanel has detected a violation that it discovered on November 8 that its corporate clients were affected, without specifying which ones or how they were affected. OpenAI later confirmed this was one of the affected clients, as well as CoinTracker and SwissBorg.
According to Mixpanel's website, the company has approximately 8,000 customers, with each customer potentially having millions of users whose data was stolen in the hack.
Contact us
Do you have any more information about Mixpanel hack? For example, which companies were affected? From a non-working device, you can securely contact Lorenzo Franceschi-Bicchierai via Signal at +1 917 257 1382 or via Telegram and Keybase @lorenzofb, or e-mail.
The type of data stolen likely depends on how each customer has configured their Mixpanel account to collect data.
Generally speaking, companies use Mixpanel to track what their users do on their site or apps, much like an app developer or website owner monitors a user to see what they click, view, or swipe. Mixpanel can also log information about a user's devices, such as screen size, whether they are connected to Wi-Fi or a cellular network, as well as the carrier name and other data.
Scattered Lapsus$ Hunters are a coalition of predominantly English-speaking hackers believed to be located in Western countries. Hackers have a long history of data breaches and are responsible for some of the biggest breaches this year, including data theft to Salesforce and Gainsight clients, which affected hundreds of companies.
Also on Friday SoundCloud confirmed that about 20% of its users were affected by “unauthorized activity on the ancillary services panel,” likely referring to Mixpanel. The streaming audio giant said the stolen data included email addresses and “information already visible on public SoundCloud profiles.”
SoundCloud did not respond to TechCrunch's request for comment.
:quality(85):upscale()/2025/12/17/779/n/1922153/f10463356942eba81a4bc0.65863691_.png?w=150&resize=150,150&ssl=1 "I’m a Beauty Edtior, and These Are the 9 Best Origins Gifts I’d Wrap in a Heartbeat")
