‘Data 380,000 users of porn site are available on the internet’
The usernames, hashed passwords and email addresses of 380,000 users of the porn site xHamster are being put up for sale on the internet. The passwords are provided with an md5 hash, which makes them quite easy to crack.
Motherboard writes that it obtained the database and was able to verify that the email addresses of 50 random accounts were already in use on the site. The same was true for the same number of usernames from the database, except for one. It is unclear how the database was leaked. According to LeakBase, the site that provided the data to Motherboard, it is from last year.
Around the same time, a leak in the free porn site was discovered, according to LeakBase. Users can create an account there, among other things to comment and create collections. According to a spokesperson for xHamster, the site protects its stored passwords with “sound encryption”. Motherboard doubts this, because the passwords are hashed only with md5, which has long been known as a weak algorithm.
It is recommended for users to change their password and use a unique password for each individual site.