- Pornhub claims that the Mixpanel compromise exposed some premium user data, but not passwords or payment information.
- Mixpanel Disputes Pornhub Data Leaked in November Hack, ShinyHunters Claims Responsibility
- The attackers allegedly store 94 GB of sensitive records, including emails, activity details, and browsing metadata.
Adult website Pornhub said some Premium members' data was compromised in a third-party supply chain attack.
In a data breach notification letter posted on the company's website on December 12, Pornhub explained that unnamed attackers had hacked Mixpanel, a third-party data analytics provider with which the company had not partnered since 2021.
There, hackers managed to obtain some confidential data generated by premium users of the platform. No passwords, credentials, payment details or government identification were taken, the department stressed.
Hiding in plain sight
“Like Google, ChatGPT and others that were compromised by the same attackMixpanel has informed us of this violation,” the statement reads. “Although we have not partnered with Mixpanel since 2021, it is our responsibility to inform you of this event.”
Pornhub did not reveal any additional details, such as the number of people affected by the hack, the nature of the information stolen, or the identities of the attackers.
The company said it had launched a “comprehensive internal investigation”, involving the relevant authorities as well as Mixpanel. He urged users to “remain vigilant” about incoming emails, especially those claiming to come from Pornhub.
The violation cited by Pornhub, which also affected Google and ChatGPT – was discovered in November 2025, with the Mixpanel hack attributed to ransomware ShinyHunters actors.
However, there are conflicting reports about the attack, as reported by Mixpanel. PipComputer they don't believe Pornhub data was stolen during this particular incident.
“Mixpanel is aware of reports that Pornhub has been extorted for data that was allegedly stolen from us,” Mixpanel told the publication. “We can find no indication that this data was stolen from Mixpanel during the November 2025 security incident or in any other way.”
“The data was last accessed using a legitimate employee account from Pornhub's parent company in 2023. If this data is in the hands of an unauthorized party, we do not believe this is the result of a security breach in Mixpanel.”
The same publication also reports that ShinyHunters have confirmed their involvement in the hack. They claim to have stolen 94 GB of data containing more than 200 million records. They shared a sample apparently proving that the stolen information was highly sensitive and included email addresses, activity type, location, video URL, video titles, video-related keywords, and video watch time.
The best antivirus for any budget
Follow TechRadar on Google News. And add us as your preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the “Subscribe” button!
And of course you can also Follow TechRadar on TikTok for news, reviews, unboxing videos and get regular updates from us on whatsapp too much.
