New Hacktivism Group Claims Porn Site Hack
The group said in a Web post that it attacked the site for fun and because its security was so easy to penetrate. "This site has so many freaking holes that if I didn't know it was a porn site, I would have mistaken it for a honeypot," said the post, a mirror of which was on Zone-H, a security news site. A "honeypot" is a computer system set up to appear to be part of a network, in order to counteract attacks on a network.
Digital Playground was recently bought by Manwin, a Luxembourg-based company that operates adult video-sharing sites, such as YouPorn and PornHub. Manwin also operates Brazzers, a porn site that last month had personal information of about 350,000 users stolen by a hacker. Digital Playground has confirmed the attack, but hasn't released details, according to media reports.
The Consortium claimed to have more than 40,000 plain-text credit card numbers, including their three-digit CCV, a security code found on the back of credit cards, expiration dates and the names of the cardholders. Overall, the thieves claimed to have stolen information on 72,000 users of the porn site.
In addition, the group said it rooted four of the site's servers, hacked e-mail boxes and tapped into conference calls. The band of cybercriminals also made freely available 52 pornographic movies. As of Monday, Digital Playground was online, but not accepting any new members, according to security vendor Sophos.
There was no indication that the hackers intended to release the credit card information. Instead, the break in was done for kicks. "We did not set out to destroy them but they made it too enticing to resist," the group said. "So now our humble crew leave lulz and mayhem in our path." Lulz is hacker speak meaning just for laughs. It was not clear whether The Consortium was affiliated with hactivist cooperative Anonymous.