Pornhub is notifying more than 200 million premium users that their data and search history on the adult website may have been stolen in a security breach. 

Hackers claimed they had infiltrated a third-party system that Pornhub uses to analyze site traffic, potentially exposing limited records of how some users interacted with the platform. 

In an extortion demand sent to Pornhub, the cybercriminals alleged to have a massive data set of records that included email addresses, location, video titles, search keywords, activity types and timestamps for over 200 million entries, Bleeping Computer reported.

Premium users pay $14.99 a month to access millions of videos, along with more than 100,000 premium videos that non-paying users cannot view.

'We recently learned that an unauthorized party gained unauthorized access to analytics data stored with Mixpanel, a third-party data analytics service provider, Pornhub said in a statement.

'The unauthorized party was able to use this unauthorized access to extract a limited set of analytics events for some users.'

The adult content site added that this was not a breach of its own system, ensuring users that their passwords, credentials or government IDs were not compromised or exposed.

Pornhub added that it has since secured the affected account and stopped the unauthorized access.

Pornhub revealed the issue on December 12, saying it stemmed from a November breach involving its analytics provider, Mixpanel. 

However, the adult website noted that it has not worked with Mixpanel since 2023, meaning the stolen records are from that year and earlier, BleepingComputer reported. 

Mixpanel CEO Jen Taylor said in a statement: 'We took comprehensive steps to contain and eradicate unauthorized access and secure impacted user accounts. 

'We engaged external cybersecurity partners to remediate and respond to the incident.' 

The company told BleepingComputer it was unable to verify that the Pornhub data being circulated came from the November incident. 

The cybercrime group ShinyHunters claimed it was behind the intrusion, publicly offering what it described as Pornhub Premium analytics data while name-dropping tech giants among its alleged victims. 

Pornhub has informed affected users and publicly warned them to be cautious of phishing attempts or suspicious messages.

A company statement said: 'While our investigation is ongoing, we encourage all users to remain vigilant by monitoring their accounts for any suspicious emails or unusual activity.'

The platform has brought in cybersecurity experts, launched an internal investigation, and alerted authorities, emphasizing that passwords and payment information were not compromised in the incident.