A loose, English-speaking cybercrime network known as “the Com” has claimed responsibility for a hack of Pornhub’s premium user database. The group, often comprised of young hackers (ages 16–25), including members from ShinyHunters, has leaked viewing habits and search histories to extort users through social humiliation and sextortion.
Business Impact
The emergence of “the Com” represents a shift toward highly personalized, “cruelty-for-sport” extortion that targets individuals within a corporation. This creates a significant insider threat and blackmail risk for executives, as well as a PR nightmare for companies whose employees are targeted via personal data leaks.
Why It Happened
“The Com” functions as a decentralized pipeline where younger members are groomed by more experienced hackers. They leverage social engineering and credential stuffing rather than advanced zero-days, making them highly effective against consumer platforms with massive user bases.
Recommended Executive Action
Enhance executive protection protocols to include “personal digital footprint” monitoring. Advise staff on the dangers of using work-related credentials on personal entertainment platforms and emphasize the use of robust, unique passwords and MFA.
Hashtags: #TheCom #ShinyHunters #DataBreach #Sextortion #CyberCrime #PornhubHack #SecurityCulture #InfoSec