YouPorn passwords extracted and posted

YouPorn appears to have been compromised after hackers publicly posted the passwords, emails, and dates of birth of over a million users.

Sophos security analyst Graham Cluley attributed the breach to a public-facing server that wasn’t properly locked down.

“Unlike the recent Brazzers porn site hack, sloppy practices are being blamed for the YouPorn incident, with debug data about users seemingly being stored in a public fashion since 2007,” Cluley explained.

“Hackers have been sifting through the information, and in some cases republishing it elsewhere online. So even though YouPorn appears to have now shut down the offending server – its users remain exposed.”

According to Cluley, the YouPorn leak illustrates the clear and present danger of having passwords and e-mail addresses exposed by sites with less than stellar security. 

As such, the analyst recommended users diversify their passwords by employing different login credentials for various sites.

“If your YouPorn password is now known, hackers might try that same password against your email address, your PayPal account, your Amazon account, and all many of other online resources,” he warned.

“So if you are still using the same password on multiple sites, please change your dirty habit now.”