PornHub has confirmed a meaningful data breach impacting its Premium users,stemming from a cyberattack on analytics provider Mixpanel. The adult entertainment platform reports that approximately 200 million user records, including search history adn location data, have been compromised and are subject to an ongoing extortion attempt. While passwords and payment information remain secure, the incident highlights the vulnerability of user data even after services are discontinued, as the compromised records date back to 2021 when PornHub last utilized Mixpanel’s services.
PornHub, the world’s leading adult content platform, has disclosed a data breach and subsequent extortion attempt following a cyberattack targeting its Premium users.
The attackers claim to have obtained over 200 million records containing user account activity, including search queries, viewing history, and downloads, as well as email addresses and approximate location data.
According to reports circulating on social media and specialized security forums, the cybercriminals are threatening to publicly release the database or directly contact affected users unless their demands are met.
The compromised file is approximately 94 GB in size and contains historical data collected over several years.
How the PornHub Hack Occurred
The company stated that the incident did not originate within PornHub’s own systems. Instead, the intrusion occurred at Mixpanel, an analytics platform used by technology companies to track user behavior. Beginning in November 2025, following an unauthorized access event, the responsible group began sending extortion emails to clients of the analytics provider, asserting they had exfiltrated substantial volumes of data.
The records in this instance pertain to information gathered up to 2021, the year PornHub ceased utilizing Mixpanel’s services. Security researchers analyzing samples of the data confirm it includes details of activity within the site, video URLs and names, search keywords, timestamps, and approximate location, alongside email addresses.
PornHub clarified that passwords and payment information were not compromised and has alerted users to potential phishing emails referencing the breach. The company reminded users that it never requests login credentials or banking details via email and advised exercising caution with unsolicited messages.
Who is Behind the Attack on PornHub
ShinyHunters, a cybercriminal organization known for data theft-based extortion operations, has claimed responsibility for the hack. The group employs advanced social engineering techniques, including phishing and vishing, to impersonate employees and gain access to corporate systems. In 2025, ShinyHunters was linked to several of the year’s most significant data leaks, including breaches exploiting integrations with Salesforce.
The incident underscores the risks associated with using third-party analytics platforms and the potential exposure of historical data. Information collected years ago, even after a service is discontinued, can become a source of pressure and extortion, directly impacting the privacy of millions of users. This breach highlights the growing need for robust data security practices and vendor risk management across the tech industry.
