Are you a Pornhub Premium member? You may want to pay closer attention to a notification about a data leak described as a “limited set of analytics events.” That language hides the real story: Your watch and search history could now lie in the hands of hackers, and whether or not it goes public depends on if Pornhub pays the ransom being demanded. As reported by BleepingComputer , Pornhub says the breach occurred through a smishing (SMS phishing) attack on third-party analytics partner Mixpanel. That hack occurred on November 8, and initially was linked to leaks at OpenAi and CoinTracker. Only some users were affected, and no passwords, payment details, financial information, or government IDs were stolen. The company also says its partnership with Mixpanel ended in 2021. For its part, Mixpanel has since told BleepingComputer that “[t]he data was last accessed by a legitimate employee account at Pornhub’s parent company in 2023. If this data is in the hands of an unauthorized party, we do not believe that is the result of a security incident at Mixpanel.” Since Pornhub’s initial notification , ransomware group ShinyHunters has since publicly claimed credit for the hack, via email messages to affected companies demanding a ransom to prevent the release of the data. Pornhub’s is among the most potentially damaging to users if disseminated, with a 94GB dataset containing search, watch, and download histories for over 200 million Pornhub Premium subscribers. In its report, BleepingComputer says it has seen samples of the data, which includes member email address, type of activity, location, video links, video names, keywords associated with the video, and when the user activity occurred. For activity types, BleepingComputer verified only seeing if a subscriber watched or downloaded a video, or viewed a channel. Search history remains unconfirmed as part of the data set. Masked email can help keep sensitive data from being immediately traceable to you. Jared Newman / Foundry So what does this mean for you, if you’re a long-time or past Pornhub Premium subscriber? First, don’t panic. This could be a serious breach of your privacy, yes. But it isn’t worth any extreme action on your part. Instead, think about preparing yourself on these fronts: Extortion: You could be at risk for later extortion attempts, should Pornhub and ShinyHunters not come to an agreement about ransom payment and the information leaks out to the broader dark web. I would caution against paying even once, since that could lead to further demands for additional or higher amounts of cash. Instead, plan now for how you would handle breaking the news yourself (if even warranted) to family, your employer, etc. Or how to insulate yourself from the backlash if that’s not possible. Scams: Scammers have become more sophisticated in how they approach victims, with AI tools doing much of the work for crafting specialized campaigns. If the Pornhub data leaks, be wary of messages or invitations that align with your tastes. You could end up falling for a romance scam, for example. Hide your email address: Consider switching now to masked email addresses for your accounts. These aliases hide your real email address while still routing messages back to your main inbox, which prevents attackers (and gawkers) from immediately identifying you or building a profile of you to better scam or extort. You can try them out for free , even! Unfortunately, data leaks will only continue in the future. For most people, who could be embarrassed by others knowing what they buy, view, or otherwise patronize, your best bet is to not trust companies to keep your info safe. I now assume any details I give to a website could become public through no fault of my own, and plan accordingly.