A 17-year-old hacker is claiming he made off with the personal and confidential information of more than 350,000 users of the hardcore porn site Brazzers.
The hacker told the Associated Press he gained entry to Brazzers' servers via an inactive Web forum. Last week, the perpetrator posted a sample of the hundreds of thousands of pieces of stolen data to the Internet, including email addresses, user names and encrypted passwords.
Kate Miller, director of communications for Manwin Holding, Brazzers' Luxembourg-based owner, told the AP it is "currently investigating the issue," and that no credit card information had been obtained in the incident.
Manwin Holding said potentially affected customers would be notified through email.
A call to Manwin Holding's Los Angeles office was not immediately returned.
Money, it seems, was not the hacker's intention in the porn site data swipe.
In an email to the AP, the hacktivist, identifying himself only as a 17-year-old living in Morocco, said he breached the Brazzers forum and stole customer data not for financial gain, but instead to expose the site's security vulnerabilities.
Not surprisingly, the teen hacker told the AP he aligned himself with Anonymous, the shadowy network of hacktivists and pranksters who, in their most recent attention-grabbing exploit, launched a cyberattack against the CIA website for the second time in less than a year.
In a blog post, Carole Theriault of the security vendor Sophos assigned blame to the hacker, who, "if he really was genuinely concerned about the vulnerability on the site," should have followed responsible disclosure practices rather than leaking the user data on the Web.
Theriault didn't let Brazzers' parent company off the hook, either. She chastised Manwin Holding for leaving a vulnerable, unused forum active, effectively creating an easy portal for the hacker.
"Make sure to close down accounts and websites you no longer use," Theriault wrote. "Leaving them unpatched, vulnerable and connected is just trouble waiting to happen."