Advertisement
Tech by VICE

Pornhub Says Hack Was 'Merely a Hoax'

After an investigation, the adult video website couldn’t find any evidence of a data breach.

by Lorenzo Franceschi-Bicchierai
May 16 2016, 2:50pm

Image: Chaikom/Shutterstock

Over the weekend, a hacker only known as Revolver claimed to have hacked Pornhub. He tweeted alleged screenshots of what looked like a server's backend and offered to sell access to one of the site's servers for $1,000.

But as it turns out, the hacker's story might have been made up.

"He didn't have any server access," a Pornhub spokesperson told me via Twitter message.

The adult video website said it investigated Revolver's claims and found that while Revolver's screenshots to prove his feat "might look realistic to people without knowledge of the underlying infrastructure, the attack as described by the hacker is not technically possible."

"This incident was merely a hoax and no Pornhub systems were breached during those recent events," the company said in a statement. (Other than posting the screenshots, Revolver didn't demonstrate he had access to Pornhub's server in any other way.)

Pornhub ended with the customary boilerplate corporate statement reassuring viewers that "the safety and security of our users is Pornhub's top priority." The company also noted that since last week, it has a bug bounty program in place, with which friendly hackers can warn the site of flaws and bugs, and get rewards of up to $25,000.

Revolver could not be reached for comment on Monday morning. But this looks like yet another example of an overblown, or even nonexistent, hack. Earlier this month, a hacker was allegedly selling a stash of 272 millions emails and passwords for $1. Reuters first reported the story, slapping a big "Exclusive" in front of it, which prompted countless blogs to pick it up. But as it turned out, that story was also a hoax, and the database was likely just a collection of credentials leaked as part of older data breaches.

In this case, it looks like Revolver either completely made up the story, or at least oversold it. But breaches like these aren't uncommon, even on large, well known sites or services such as Uber, the toy company VTech, and countless others.

Correction: a previous version of this story said the hacker was 19 years old. The hacker, however, said he lied when he told Motherboard his age. He now refuses to reveal it.