MyVidster, a now-defunct video-sharing platform primarily used for bookmarking and sharing adult content, suffered a data breach exposing 3.9 million user accounts. The leaked dataset included email addresses, usernames, and profile pictures, which were publicly dumped on a hacking forum. While no passwords were explicitly mentioned in this breach, the exposure of personal identifiers increases risks of targeted phishing, identity theft, or reputational harm—especially given the sensitive nature of the platform’s content. The breach was added to *Have I Been Pwned* on October 27, highlighting ongoing vulnerabilities in decommissioned services where user data remains unsecured. The incident underscores the persistent threat of legacy data resurfacing, even after a service shuts down.
TPRM report: https://www.rankiteo.com/company/myvidster
{
  "id": "myv3494034102725",
  "linkid": "myvidster",
  "type": "Breach",
  "date": "10/2025",
  "severity": "50",
  "impact": "2",
  "explanation": "Attack limited on finance or reputation"
}
{'affected_entities': [{'customers_affected': '15.32 billion accounts (total '
'in HIBP database); 183 million '
'(new dataset) + 3.9 million '
'(MyVidster)',
'industry': 'Information Security',
'location': 'Global',
'name': 'Have I Been Pwned (HIBP)',
'type': 'Cybersecurity Service'},
{'customers_affected': '3.9 million',
'industry': 'Adult Content/Entertainment',
'name': 'MyVidster',
'type': 'Video-Sharing Platform (Defunct)'},
{'customers_affected': '186.9 million (183M + 3.9M)',
'industry': 'Multiple',
'location': 'Global',
'name': 'Users of Compromised Accounts',
'type': 'Individuals/Organizations'}],
'attack_vector': ['Information-Stealing Malware', 'Public Hacking Forum Leak'],
'customer_advisories': ['Visit Have I Been Pwned to check if your '
'email/password is exposed.',
'Change passwords immediately if found in breaches.',
'Avoid reusing passwords across services.',
'Consider using passkeys or password managers for '
'stronger security.'],
'data_breach': {'data_encryption': 'No (Data Exposed in Plaintext)',
'data_exfiltration': 'Yes (via Malware and Forum Leaks)',
'file_types_exposed': ['Text Logs (Stealer Logs)',
'Database Dumps (MyVidster)'],
'number_of_records_exposed': 186900000,
'personally_identifiable_information': ['Email Addresses',
'Usernames'],
'sensitivity_of_data': ['Medium (Credentials)',
'Low (Public Profile Pictures)'],
'type_of_data_compromised': ['Email Addresses',
'Passwords',
'Usernames',
'Profile Pictures',
'Website URLs']},
'date_publicly_disclosed': '2023-10-21',
'description': 'Cybersecurity expert Troy Hunt added two new sets of '
'compromised account records to the Have I Been Pwned (HIBP) '
'database, including a massive dataset of 183 million accounts '
'sourced from stealer logs and a smaller dataset of 3.9 '
'million accounts from the defunct video-sharing platform '
'MyVidster. The exposed data includes email addresses, '
'passwords, usernames, and profile pictures, posing risks of '
'credential stuffing and automated attacks.',
'impact': {'brand_reputation_impact': ['Potential Loss of Trust in Affected '
'Platforms (e.g., MyVidster)',
'Increased Awareness of Credential '
'Reuse Risks'],
'data_compromised': ['Email Addresses',
'Passwords',
'Usernames',
'Profile Pictures',
'Website Associations'],
'identity_theft_risk': 'High (Due to Exposed Credentials)'},
'initial_access_broker': {'data_sold_on_dark_web': 'Likely (Stealer logs '
'often traded on dark web '
'markets)',
'entry_point': ['Malware-Infected Devices (Stealer '
'Logs)',
'Public Hacking Forums (MyVidster '
'Leak)'],
'high_value_targets': ['Credentials for '
'Financial/Enterprise '
'Accounts (via Credential '
'Stuffing)']},
'investigation_status': 'Ongoing (HIBP continuously updates datasets; '
'credential-stuffing lists pending validation)',
'lessons_learned': ["Stealer logs represent a 'firehose' of continuously "
'leaked credentials, requiring ongoing monitoring.',
'Credential reuse remains a critical risk, with 94% of '
'leaked passwords being non-unique.',
'Publicly dumped data may still contain valid, previously '
'unseen credentials (16.4M new emails in this case).',
'Defunct platforms (e.g., MyVidster) can still pose risks '
'if their data is leaked post-shutdown.'],
'motivation': ['Financial Gain', 'Data Harvesting', 'Credential Stuffing'],
'post_incident_analysis': {'corrective_actions': ['HIBP to improve real-time '
'data ingestion for stealer '
'logs.',
'Public education campaigns '
'on password managers and '
'MFA.',
'Collaboration with threat '
'intelligence firms (e.g., '
'Synthient) for early '
'detection.'],
'root_causes': ['Widespread use of '
'information-stealing malware '
'(e.g., RedLine, Raccoon).',
'Lack of user awareness about '
'credential hygiene.',
'Defunct platforms failing to '
'secure data post-shutdown.',
'Recycling of leaked datasets '
'across hacking communities.']},
'recommendations': ['Use password managers to avoid credential reuse.',
'Enable multi-factor authentication (MFA) on all '
'accounts.',
'Regularly check HIBP for exposed credentials.',
'Delete unused online accounts to reduce attack surface.',
'Monitor dark web/forums for stolen data related to your '
'organization.'],
'references': [{'date_accessed': '2023-10-30',
'source': 'ZDNET',
'url': 'https://www.zdnet.com/article/two-new-have-i-been-pwned-datasets-added-with-millions-of-accounts/'},
{'date_accessed': '2023-10-21',
'source': 'Have I Been Pwned Blog (Troy Hunt)',
'url': 'https://www.troyhunt.com/introducing-synthients-threat-data-to-have-i-been-pwned/'}],
'response': {'communication_strategy': ['Blog Post by Troy Hunt',
'Media Coverage (e.g., ZDNET)',
'HIBP Search Tool Updates'],
'containment_measures': ['Data Deduplication',
'Validation of New Records'],
'incident_response_plan_activated': 'Yes (HIBP Standard '
'Procedure for Data '
'Ingestion)',
'remediation_measures': ['Public Notification via HIBP',
'Password Change Advisories'],
'third_party_assistance': ['Synthient (Threat Intelligence)',
'Benjamin Brundage (Researcher)']},
'stakeholder_advisories': ['Organizations: Warn employees/customers to check '
'HIBP and reset passwords.',
'Developers: Implement rate-limiting to mitigate '
'credential-stuffing attacks.',
'Individuals: Assume exposed credentials are '
'compromised and act accordingly.'],
'title': 'Have I Been Pwned Adds Two New Datasets with Millions of '
'Compromised Accounts',
'type': ['Data Breach', 'Credential Theft', 'Malware (Stealer Logs)']}