Hackers breach porn site and steal credit card details
A group of hackers calling itself 'The Consortium' has reportedly penetrated servers belonging to Digital Playground, an American pornographic movie studio. The hackers claim to have gained access to the user credentials of 72,000 users, including their email addresses and the credit card details of 40,000 paying customers.
In a statement claiming responsibility for the hack, The Consortium says that it has no intention of publishing the credit card data, which was stored as plain text, publicly, adding that "We do this for the love of the game not for profit and these peoples only crime was wanting some porn." The group has also chosen not to operate under a scorched earth policy – some unscrupulous groups delete all content on their way out following a hack.
However, Digital Playground has not come away completely unscathed. The Consortium has published all of the server administrators' usernames and passwords, more than 20 licence keys for Adobe Flash Media Interactive Server and links to many paid-for videos hosted on the site. In a sarcastic take on the site's security standards, the hackers state, "This site has so many freaking holes that if I didn't know it was a porn site, I would have mistaken it for a honeypot." Honeypots are web sites deliberately set up with security vulnerabilities for the purpose of observing attack techniques.
The Consortium does not reveal how long it had access to the server. On March 4, they replaced the content of admin.digitalplayground.com with a statement on the hack. The statement concluded with the threat, "You are lucky this time, if we come back we ASSURE you that you wont be as lucky."
Digital Playground is now back online and the area for paid content is apparently back in action. The company is hoping to placate members by offering a month's free access to one of its other sites. These include porn site 'Brazzers', which also suffered a break-in resulting in stolen customer data a month ago. Brazzers, Digital Playground and video platform YouPorn, which was also hacked in at the end of February, are all owned by Luxemburg-based company Manwin.
At the time of writing, Digital Playground is not currently accepting new members. Those that try to join the site are instead presented with the message: "We are currently verifying the security parameters on this site and upgrading the entire system in order to better safeguard your information."
See also:
- Porn portal's user database open and accessible on the net, a report from The H.
(crve)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
