I have some bad news, and some good news: The bad news is that a vulnerability on the website exposed personally identifiable information of members. The good news is that the security hole was discovered by security researchers as part of Pornhub’s bug bounty program through HackerOne.
A blog post from Evonide–the security researchers who found the vulnerability, explains, “Pornhub’s bug bounty program and its relatively high rewards on Hackerone caught our attention. That’s why we have taken the perspective of an advanced attacker with the full intent to get as deep as possible into the system, focusing on one main goal: gaining remote code execution capabilities. Thus, we left no stone unturned and attacked what Pornhub is built upon: PHP.”
That means that rather than having millions of people try to explain to spouses, friends, family, and co-workers why they have Pornhub accounts, Pornhub was able to identify and fix the flaw so the data is now secure.
While anyone can surf the copious volumes of salacious porn videos for free without logging in at all, there are some benefits to actually creating a Pornhub account. Those who register for a free account have the ability to download videos, upload videos, create playlists of videos, subscribe to channels, and message other Pornhub members. Paid membership provides faster streaming, exclusive member content, and–perhaps most importantly–remove the ads. The perks are enough for both the free and paid accounts, that it’s easy to see why someone would register for a Pornhub account.
So, the good news is that the crisis was averted and you have nothing to worry about–at least not right now and not from this particular vulnerability. Carry on enjoying watching insatiable women taking it in the backdoor without concern that hackers are using a different sort of backdoor to steal your information and possibly expose your affinity for porn.
Leave a Reply