IE 11 is not supported. For an optimal experience visit our site on another browser.

LulzSec hackers expose passwords of porn site users

Part of a thread regarding the porn passwords hacked by LulzSec.
Part of a thread regarding the porn passwords hacked by LulzSec.Sophos
By Suzanne Choney and Suzanne Choney

Brazen hacking group LulzSec recently has gone after companies and organizations like Nintendo, PBS and an IT security company affiliated with the FBI. But now the group has gone after individuals, publishing the login passwords of nearly 26,000 users of a porn website.

"The hackers compromised the database of the hardcore website (called "Pron"), exposing not only the email addresses and passwords of over 25,000 members but also the credentials of 55 administrators of other adult websites," wrote Graham Cluley, senior technology consultant for Sophos on the security software company's blog.

LulzSec, also known as LulzBoat, "drew particular attention to various government and military email addresses (.mil and .gov) that appeared to have accounts with the porn website," Cluley said.

"That must be an embarrassing one to explain to the boss."

Cluley notes that adding "insult to injury the LulzSec group called on its many recent Twitter followers to exploit the situation, by logging into Facebook with the email/password combinations and tell the victim's Facebook friends and family about their porn habit ... Fortunately, it's reported that Facebook's security team responded quickly to the threat — and reset the passwords for all of the accounts it had which matched the email addresses exposed. Of course, it's still possible that those email address/password combinations are being used on other websites."

It should go without saying, he says, that "logging into someone else's account without their permission is against the law in most countries around the world."

LulzSec's hack should also be "a reminder to Internet users of the importance of using different passwords for different websites," as well.

"If you believe there might be a chance that your username/password were exposed, or if you're simply in the habit of using the same password for multiple websites — now is the time to change your habits," Cluley says. It's good advice: Odds are, LulzSec won't be changing theirs.

Related stories:

Check out Technolog, Gadgetbox, Digital Life and In-Game on Facebook, and on Twitter, follow Suzanne Choney.

Suzanne Choney and Suzanne Choney