Porn Site Hit By Hardcore Hack

Hacker group The Consortium claims responsibility, but promises not to use information for personal gain

Digital Playground, one of the biggest porn sites in the world, was hacked last week, in the first attack by a newly-formed hacker group calling themselves The Consortium.

After compromising the hardcore porn site’s servers, the cyber crooks took 40,000 plain-text credit card numbers, including names, CCV numbers and expiration dates, along with personal information of 72,000 users.

“Is anyone besides David on the line?”

In a statement posted on hacking forum site zone-h.com, The Consortium called Digital Playground’s  security “a joke”. The group claimed it was able to find credit card details of the website’s clientele in plain text format. They also claimed to have easily rooted four of the website’s servers, and even listened in on the company’s conference calls using credentials from emails.

“We tapped into their conference call. ‘Is anyone besides David on the line?’ – we were. Did we win? Sure looks that way,” the statement read. “This site has so many freaking holes that if I didn’t know it was a porn site, I would have mistaken it for a honeypot.”

The new faction appears to be affiliated with Anonymous and LulzSec, and a large number of Anonymous followers have already acknowledged The Consortium as a legitimate hacker group on Twitter.

This latest attack follows a YouPorn hack last month, when more than a million of the website’s users’ personal details were exposed. Both websites are owned by Manwin, a Luxembourg-based adult entertainment IT company. The Brazzers adult website forum, another Manvin property, was also recently hit, although this is the first time Manwin has lost credit card details.

Being nice

© Yuri Arcurs - Fotolia.comDigital Playground customers will be relieved to find out that The Consortium decided not to use credit card details to try to withdraw funds. “These credit cards are all plaintext but we will not be releasing or using [them] as we do this for the love of the game not for profit and these peoples only crime was wanting some porn,” the group said.

“We cannot justify releasing these peoples’ credit card info, but remember it is DP that allowed this to happen; this could have been a different group. And perhaps they may have done far worse when given this information.”

The group drew special attention to the high number of government emails ending in .mil and .gov in the user list, and published several dozens of these.

The hack has been confirmed by porn industry news site AVN. “Manwin officially took over Digital Playground and related assets on March 1, 2012, and according to allegations, the potential breach may have occurred prior to that date. The safeguard and non-disclosure of private and confidential information is always a priority at our company, and management is supervising all aspects of this situation,” said a statement from Digital Playground published on AVN.

The appearance of a new hacker group will rain on the parade of the IT security specialists celebrating the fall of the infamous LulzSec, which was brought down with the help of its leader Sabu. “You cannot arrest an idea, you cannot snitch on an idea, you cannot stop an idea,” reads the twitter post on the Consortium channel, alluding to recent arrest of the five senior LulzSec members.

How well do you know Internet security? Try our quiz and find out!