Hacking group ShinyHunters said on Tuesday it had stolen data belonging to premium customers of a leading sex site. Pornhub and threatens to publish it.
While Reuters could not immediately determine the extent or details of the hack, the hackers provided a sample of the data, which the news agency was able to partially authenticate.
At least three former Pornhub customers – two men from Canada and a man from the United States – confirmed to Reuters that the data relating to them is reliable, although it was obtained several years ago. They spoke on condition of anonymity given the sensitivity of the matter.
“We are demanding a ransom in Bitcoin to prevent publication [Pornhub] data and delete them,” ShinyHunters told Reuters in an online chat.
Pornhub and its corporate owners, Canadian company Ethical Capital Partners, did not respond to messages. News of the hack was previously reported by cybersecurity news site Bleeping Computer.
Pornhub, which claims more than 100 million daily visits and 36 billion visits annually, is one of the Internet's most popular providers of sexual content, especially videos, many of which are available to watch for free.
Receive daily national news
Get the day's top news, political, economic and current affairs headlines delivered to your inbox once a day.
ShinyHunters shared data on 14 users of Pornhub, a premium service that offers high-definition videos, ad-free viewing and virtual reality.
Reuters was able to match six individuals from the ShinyHunters data with information posted online during previous data breaches and preserved by darknet intelligence firm District 4 Labs. Three of the people affected confirmed to Reuters that they had at some point subscribed to Pornhub's premium service.
Reuters could not immediately determine how ShinyHunters obtained the data. ShinyHunters said it would not go into details of the hack.
In a statement released on December 12, Pornhub reported a recent cybersecurity incident involving third-party data analytics provider Mixpanel that affected an undisclosed number of Pornhub Premium users. The statement said the incident occurred in the Mixpanel environment and involved “a limited set of analytics events for some users.”
Mixpanel, which offers its clients detailed information about user data and activities, reported a cybersecurity incident on November 27.
In a statement provided to Reuters on Tuesday, the company said it was aware of Pornhub's statement but “can find no indication that this data was stolen as a result of our security incident in November 2025 or otherwise.”
According to the statement, Pornhub data was last accessed through Mixpanel by a “legitimate account of an employee of Pornhub's parent company in 2023.” “If this data is in the hands of an unauthorized party, we do not believe it is the result of a security incident at Mixpanel.”
ShinyHunters told Reuters that this data is related to the recent incident with Mixpanel. Mixpanel denied ShinyHunters' claim, saying the company conducted a thorough investigation into the November incident with external cybersecurity experts and notified all affected customers.
“We are confident that Pornhub was not one of these customers and that this data is not related to the November incident,” a company spokesperson said in an email.
ShinyHunters is an established hacking group linked to a number of high-profile hacks and extortion attempts in recent months, including customer data from Salesforce and luxury retailers in the UK.
