Amateur porn website users’ data leaked online, hackers claim

Published: 19 September 2025
Last updated: 22 September 2025
Pornography adult content peeping
Image by Cybernews.

Attackers claim they’ve obtained a trove of personal details from MyHomemadePorn, an amateur adult content platform. However, the Cybernews research team believes the data could be fake.

The supposedly stolen database with details on MyHomemadePorn users was posted on a popular data leak forum, known for distributing stolen or leaked personal details.

According to the attackers, the stolen details include usernames, emails, and hashed passwords. Interestingly, the posts’ authors even encouraged others to use the supposedly stolen details to extort the platform’s users.

ADVERTISEMENT

We have reached out to the adult content platform for comment and will update the article once we receive a reply.

Sensitive details leaked
Attackers' post on a data leak forum. Image by Cybernews.

Meanwhile, the Cybernews research team investigated the supposedly leaked data. According to the team, the leak is “likely fake,” as the data seems artificially generated.

“The leak file contains several identical bcrypt hashes. This shouldn’t happen because bcrypt automatically adds a random salt, which means even the same password should create a different hash each time,” our researchers explained.

Bcrypt hashes are types of encrypted passwords with random data built in before hashing. That way, identical passwords do not produce identical hashes.

jurgita Ernestas Naprys Paulina Okunyte Gintaras Radauskas
Get our latest stories today on Google News
Google News Follow us

Another explanation for bcrypt hash duplication could be that the attackers shared test data from the website itself, which would explain the unusual password practices. Data leak forum members heavily depend on reputation, and the user who shared the alleged adult content platform leak already has an established reputation.

“They are an active member who often shares leaks, so it doesn’t look like just a random troll with a new account. Still, there’s a small chance the user could be posting this just for fun. This could be done for attention, reputation on the forum, or just to cause trouble,” the team explained.

ADVERTISEMENT

Attackers sometimes distribute fake data leaks to either get noticed or in an attempt to get inexperienced users to pay for old data. In this instance, however, the attackers aren’t demanding payment for the allegedly stolen details.

Fake or not, the allegedly stolen dataset claims to include very sensitive data, given the type of platform it was taken from, which includes:

  • Usernames
  • Email addresses
  • IP addresses
  • Dates of birth
  • Gender
  • Relationship status
  • Hashed passwords

If confirmed, the leak would pose severe privacy concerns to the individuals involved. The combination of email addresses and IP addresses open up exposed individuals to harassment and blackmail. Exposed home addresses could lead to user doxxing, a practice where users’ online identity is revealed.

However, the team noticed that dates of birth and IPs are visible, but on a very small number of records. Meanwhile, genders and relationship statuses are represented as ID numbers, so they do not mean much in this context.

Share
Post
Share
Share
Share
More from Cybernews
Meta confirms: critical vulnerability in account recovery tool exposed over 20K Instagram users
UK to use AI to prepare for AI-induced employment challenges
Dark web drug vendor gets 26 years for selling fentanyl and meth
Meta escalates legal battle with Israeli spyware firm NSO over WhatsApp attacks
UK PM Starmer set to ban social media for Under-16s
OpenAI plans biggest ChatGPT overhaul ahead of listing
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked