In an official communiqué, the group highlighted the abundance of government and military email addresses associated with the adult website.
“Hi! We like porn (sometimes), so these are email/password combinations from pron.com which we plundered for the lulz.
“Check out these government and military email addresses that signed up to the porn site…They are [obviously way] too busy fapping to defend their country.”
As Sophos Security expert Graham Cluley points out, Lulz also called on its Twitter followers to exploit the situation by logging into Facebook with the email/password combinations – so they could “inform” the victim’s friends or family about their porn habit.
“Fortunately, it’s reported that Facebook’s security team responded quickly to the threat – and reset the passwords for all of the accounts it had which matched the email addresses exposed,” Cluley confirmed.
“Of course, it’s still possible that those email address/password combinations are being used on other websites… [But] if anything, [this] should be a reminder to Internet users of the importance of using different passwords for different websites, this should be it.”
It should be noted that Lulz Security recently conducted successful hack-and-extract operations against the websites of both Sony Pictures Entertainment (SPE) and an FBI-affiliated company known as Infragard.