More Details on the Digital Playground Hack Job

from www.zdnet.com - The Consortium is a new hacktivist group. It has introduced itself to the world by hacking the pornography website Digital Playground (NSFW). The Consortium stole 40,000 plain-text financial credentials (credit card numbers, names, CCV numbers, and expiration dates) as well as the personal information (e-mail addresses, usernames, and passwords) of 72,000 users. Last but not least, they gained root access to four of the site’s servers, which further let them access corporate e-mails, and listened in on the company’s conference calls.

The hackers appear to be affiliated with hacktivist groups Anonymous and LulzSec. They say this is just their first hack:

We are The Consortium, and we have something special for our first release.

You see for a while now we have had access to digitalplayground.com, one of the five biggest porn sites in the world. But it doesn’t need any introduction from us.

This company has security, that if we didn’t know it was a real business, we would have thought to be a joke - a joke that we found much more amusing than they will.

“This site has so many freaking holes that if I didn’t know it was a porn site, I would have mistaken it for a honeypot” - [Redacted]

We did not set out to destroy them but they made it too enticing to resist. So now our humble crew leave lulz and mayhem in our path. We not only have the 72k users of this site but also over 40k plaintext credit cards including ccvs, names and expiry dates. If you want to hear more about those plaintext credit cards scroll through the MySql info further down. And of course as this is a porn site there was no shortage of .mil and .gov emails in their user list.

We also went on and rooted four of their servers, as well as gaining access to their mail boxes. Using credentials from emails we tapped into their conference call. “Is anyone besides David on the line ?” -
We were. Did we win? Sure looks that way.

Digital Playground game over.

The group was perfectly okay with sharing Digital Playground’s user accounts (e-mail addresses, usernames, and passwords stored in plain text), 27 admin accounts (names, usernames, e-mail address, and encrypted passwords), and 85 affiliate accounts (usernames, plaintext passwords, and in some cases IP addresses), including those of porn stars. They even released 52 pornographic files belonging to the site:

A Job For Jenna AU DVD.rar
Babysitters_2_Disc_1_AU_DVD.rar
Babysitters_2_Disc_2_AU_DVD.rar
Babysitters_2_WEB_Trailer.mov
BadGirls5AU.rar
Bad_Girls_6_AU_DVD.rar
Bad_Girls_7_AU_DVD.rar
Blackmail_AU_DVD.rar
CHERRY_1_DISC_1_AU_DVD.rar
Cherry_1_DIsc_2_AU_DVD.rar
CHERRY_2_AU_DVD.rar
Cherry_Episode01_SOFT_Trailer.mov
CHERRY_TWO_TRAILER.mov
Escaladies_2_AU_DVD.rar
ESCALADIES_2_Trailer.mov
ESCALADIES_Youtube_Trailer.mov
Escort_AU_DVD.rar
Fighters_AU_DVD_Disc1.rar
Fighters_AU_DVD_Disc2.rar
Fighters_AU_DVD_Disc3.rar
Fighters_WEB_Trailer.mov
Foreigner_AU_DVD.rar
index.html
In_Rileys_Panties_AU_DVD.rar
JACKS_POV_18_AU_DVD.rar
JESSE_JANE_BLACKMAIL_WEB_TRAILER.mov
Like_Sister_Like_Slut_AU_HD_Streaming.m4v
Loaded_XX5_RC_FEB_2012_SD_Stream.mov
New_Dad_In_Town_AU_DVD.rar
Nude_Content_AU_DVD.rar
Payment_AU_DVD.rar
Power_Fuck_AU_DVD.rar
Sex_and_Corruption_2_AU_DVD.rar
SexandCorruption3AUDVD.rar
Sex_and_Corruption_3_Trailer_WEB.mov
Sex_and_Corruption_EP2_Trailer_WEB.mov
Sex_and_Corruption_Selena_AU_DVD.rar
Sex_and_Corruption_WEB_Trailer.mov
Stoya_Web_Whore_AU_DVD.rar
Taras_Titties_AU_DVD.rar
The_Crib_AU_DVD.rar
THE_MASSEUSE_2_WEB_TRAILER.mov
TheMasseuse3AUDVD.rar
THE_MASSEUSE_3_Youtube_Trailer.mov
TheMasseuse4RileyAUDVD.rar
The_MASSEUSE_4_Trailer.mov
The_Masseuse_WEB_Trailer.mov
Top_Guns_R_rated_Trailer.mov
Top_Guns_XXX_Trailer_ProRes_1080_US_v3.rar
Watching_You_2_AU_DVD.rar
Watching_You_3_Au_DVD.rar
Watching_You_3_AU_DVD.rar

They weren’t, however, willing to release credit card information:

These credit cards are all plaintext but we will not be releasing or using as we do this for the love of the game not for profit and these peoples only crime was wanting some porn. We cannot justify releasing these peoples credit card info, but remember it is DP that allowed this to happen, this could have been a different group. And perhaps they may have done far worse when given this information.

Here’s what they posted on their Twitter account, which has some 200 followers:

#Anonymous Today we will be releasing free premium porn to our friends & frenemies #th3consortium #PenetratingThePenetrators
As we promised this is our first but not last release http://is.gd/kgsaoX #Anonymous #freebies @YourAnonNews @TheHackersNews @anonymouSabu
@cyber_war_news @TheHackersNews DigitalPlayground.com Owned by The Consortium #Anonymous #Consortium #AntiSec is.gd/kgsaoX
the complete user list will be posted on hackbb onion forum very soon #Anonymous #AntiSec #Consortium
Gracias por compartir la noticia de todas las cuentas estarÃ¡n disponibles en breve en el foro de la cebolla hackbb #Anonymous
Here you get 10K porn accounts more will follow shortly http://clsvtzwzdgzkjda7.onion/viewtopic.php?f=34&t=2715 #Anonymous #freebies
@LulzKitten @AnonymousIrc Any chance of a retweet for our digital playground hack ? Guaranteed lulz or your money back is.gd/kgsaoX
So nice to see you all enjoy the free porn. The movies are still available for free download see release file for more info #Anonymous
10k Accounts for DP has already been released here are the rest http://www.mediafire.com/?7jjm2cnymtodyr6 #Anonymous
Looks like Digital PLayground is offline, hope lulz were had by all #AntiSec #Anonymous #Consortium

“Due to an alleged security breach, Manwin elected to temporarily shut down Digital Playground, and related websites, on March 5, 2012,” a Digital Playground spokesperson told AVN. “Manwin officially took over Digital Playground and related assets on March 1, 2012, and according to allegations, the potential breach may have occurred prior to that date. The safeguard and non-disclosure of private and confidential information is always a priority at our company, and management is supervising all aspects of this situation. In addition, our customer service department has been in contact with Digital Playground members to inform them of the next steps. Customers will not be billed while the site is inactive, and have been offered free access to a Manwin owned property of their choice during this time period.”

You can see a mirror image of the hack for yourself at Zone-H.

More Details on the Digital Playground Hack Job

Related stories

Hack job on The Mick KOd Regan

The Paris Hilton Hack Job

Digital Playground Porn Site Hacked; Over 72,000 customers’ details and over 44,000 credit card numbers Compromised

Joone in January; IGN interviews Digital Playground Founder on new details of Blu-ray porn ban,

Doc gave patient a Nose Job; She Gave Him a Blow Job then Did a Job on Him with the Cops

LA City Workers Make Porn Film While On the Job; More Details on LA News Friday Night

Recently published

Adult Industry Seeks Inclusion in EU AI Regulation Talks

Wisconsin Tiff to Turn Her Search for Love Into New Video Series

Rachel Steele Drops New 'Cuck' Clip Featuring Lauren Phillips

Holly Randall Interviewed by Carly David About Creative Control, Ethical Storytelling

Sabien DeMonia Signs With JulModels for Agency Representation

MsSexySaigon Drops New Clip Featuring Randy Horseman