Article Details

From pr0n to playlists and paperclips, trio of breaches spills data of millions. Adult site, streaming platform, and Japanese retailer expose user info, but not credentials. Three very different companies have now confirmed data breaches affecting millions of users – each insisting the damage stopped well short of passwords and payment details. Pornhub has told Premium subscribers that some user data was exposed after a breach at Mixpanel, a third-party analytics provider it once used, rather than through any compromise of Pornhub's own systems. In a notice to users, the adult site said the incident affected "only select Premium users" and involved a limited set of analytics events inside Mixpanel's environment. Pornhub stressed that passwords, credentials, payment details, and government IDs were not exposed, and noted it stopped working with Mixpanel in 2021 but was informed of the breach by the vendor. The disclosure follows a similar incident last week affecting OpenAI, which traced a leak of internal data to compromised Mixpanel analytics credentials. SoundCloud has also confirmed it was breached after a week of user complaints about outages and broken access, which the company now says were linked to a cybersecurity incident. The streaming platform said it detected unauthorized activity in an ancillary service dashboard and brought in third-party security experts to investigate, eventually determining that the exposure affected roughly 20 percent of users. According to public data, SoundCloud has approximately 140 million users, suggesting that some 28 million people have likely been affected by the breach. According to SoundCloud, the data accessed was limited to email addresses and information already visible on public profiles, and did not include passwords or financial details. But the measures taken to contain the breach had side effects. Configuration changes introduced during the response caused "temporary connectivity issues" for some users, particularly those accessing the service via VPNs, effectively turning a behind-the-scenes security incident into a very public service disruption. Over in Japan, retail giant Askul is still picking through the wreckage of an October ransomware attack that knocked systems offline and exposed customer data. In a new report [PDF], the office supplies and e-commerce giant said the incident caused "large-scale service stoppage" and confirmed that information it held "flowed outside the company" after its network was compromised. In the report, translated by The Register, Akira Yoshioka, president and CEO of Askul, confirmed "the recent ransomware attack resulted in the leak of customer information, as well as the information of some of our business partners, and we apologize for the significant inconvenience and concern this has caused." Askul now says roughly 740,000 records linked to individual customers and corporate clients were affected, with some affected data published by the RansomHouse cybercrime crew, but says no financial details were accessed during the attack. The lengthy report confirms that threat actors accessed Askul's internal systems using the login details of a subcontractor "who exceptionally did not apply multi-factor authentication." The firm also admits that the datacenter where the breach occurred "did not have EDR installed on its servers, nor was 24-hour monitoring performed, so unauthorized access and intrusion could not be detected immediately." Ransomware infection was confirmed in logistics and internal systems, and some data (including backups) was encrypted and rendered unusable. In addition, some of that data was stolen and leaked by the attacker. Different sectors, different attackers, and very different root causes – but the same end result: user data escaping through analytics tools, ancillary systems, and ransomware-ridden networks, even as companies rush to reassure customers that the most sensitive details stayed put.