Hackers have claimed they stole sensitive viewing and search history from some Pornhub Premium users. The group behind it is ShinyHunters, a known cybercrime outfit. They’re now trying to extort the company, threatening to leak the information if no ransom is paid.
It all ties back to a breach at Mixpanel, an analytics company that tracks user behaviour for websites and apps. Pornhub used Mixpanel years ago but stopped in 2021. Still, old data stuck around in Mixpanel’s systems. In November 2025, Mixpanel got hit by a phishing attack over text messages—called smishing—that let intruders in.
Pornhub put out a notice on December 12, saying the incident affected a limited number of Premium accounts. Importantly, it wasn’t a direct hack of Pornhub’s own servers. No passwords, credit card details, or payment info got exposed. The company is looking into it more and says user logins are safe.
ShinyHunters says they grabbed about 94 gigabytes of data, with over 200 million records. That includes emails linked to accounts, locations, video titles watched or downloaded, keywords, and timestamps. They claim it covers search histories too. A sample they shared with reporters showed exactly that kind of detail – things most people wouldn’t want out in the open.
Mixpanel pushes back on this. They say their November breach only hit a small group of customers, and Pornhub wasn’t one of them. The last time Pornhub’s parent company accessed the data legitimately was in 2023, according to Mixpanel. So they’re saying this stolen stuff didn’t come from their recent incident.
Either way, the hackers are using it to pressure Pornhub. They’ve sent extortion emails, and so far, it seems focused on this one company from the Mixpanel mess. Other firms like OpenAI were affected by the original Mixpanel breach, but this extortion angle is new for Pornhub.
This kind of data is especially private. Viewing habits on an adult site can reveal a lot about someone. If it leaks, it could lead to embarrassment, blackmail attempts, or worse. Experts compare it to older big breaches, like the 2016 Adult Friend Finder one, and say this could be just as bad – or bigger – if the claims hold up.
For now, no full leak has happened. Pornhub advises users to watch for weird emails or account activity. If you’re a Premium member, it might be worth checking sites like Have I Been Pwned to see if your email pops up in breaches. Changing passwords elsewhere isn’t a bad idea, even if Pornhub says credentials are fine.
ShinyHunters has been busy this year with other high-profile hacks. They’ve gone after companies using Salesforce and more. This fits their pattern: steal data, demand money, threaten to dump it online.
The story is still developing. Pornhub and Mixpanel are investigating, and law enforcement might get involved if things escalate. Supply-chain attacks like this – hitting a vendor to get at their clients – keep happening more often. It shows how old partnerships can come back to cause problems years later.
Users worried about privacy on sites like this often turn to VPNs or separate emails. But once data is out there, it’s hard to pull back. We’ll keep an eye on any updates, like if the hackers follow through or if more details come out about how much was really taken.
