The South African government departments exposed in the Brazzers porn forum hack

Breach monitoring site Vigilante.pw recently alerted the media to a leak of almost 800,000 user accounts from the forum of porn site Brazzers.

Passwords were stored in plain text, without hashing or salting, making it easy for criminals to use these credentials to try and get into people’s accounts on other services.

Vigilante.pw said it aims to raise awareness about database breaches by providing information on security flaws.

“We aim to inform and teach people about the importance of maintaining your privacy on the Internet, as well as keeping your personal information safe,” said Vigilante.pw.

The site’s operator, who goes by “Keen”, told MyBroadband that the database contains 519 email address from South African domains.

Most of these addresses are co.za. One was from an org.za domain, while four were from gov.za domains.

The four government departments with staff who signed up for the Brazzers forums were:

• lda.gov.za (Limpopo Department of Agriculture and Rural Development)
• hantam.gov.za (Hantam Municipality in the Northern Cape)
• justice.gov.za (The Department of Justice)
• sars.gov.za (South African Revenue Service)

If you signed up for a Brazzers forum account, you are encouraged to change your passwords everywhere you reused them.

A screenshot of a section of the leaked database is posted below.

More on security

How to hide everything you do on the Internet

John McAfee sues to use his name