Cyber Incident Victim: Paper Street Media

In March 2025, a hacker using the alias TheNeoBoss breached administrative systems of Team Skeet, a website operated by adult entertainment network Paper Street Media (PSM). The attacker advertised a database on Dream Market dark web marketplace containing purported records of 237,000 users, including email addresses, plaintext passwords, names, physical addresses, and IP addresses. The listing also offered additional datasets: 50,000 logins for other PSM network sites, 426,000 failed login attempts, and 468,000 geolocation IP records, priced at 0.962 Bitcoin (~$400). TheNeoBoss claimed motivation to publicly shame PSM for inadequate security practices. On March 31, the hacker briefly defaced the Team Skeet website and provided Motherboard with screenshots of apparent administrative panels showing customer support tickets dated that same month, demonstrating ongoing access to PSM systems.

Motherboard received two data samples from the hacker: an initial batch of 64 credentials (56 of which corresponded to inactive Team Skeet accounts) and a larger set of 8,000 records that partially matched valid accounts. Attempts to contact users via listed emails yielded some undeliverable addresses, while physical address fields showed inconsistencies. PSM CTO Jamal Hussain dismissed the breach as recycled data from a 2008 incident, stating no credit card information was compromised and all affected accounts had been invalidated. Company lawyer Steven Eisenberg attributed Motherboard's verification results to PSM's policy of retaining usernames after account expiration. PSM maintained no recent breaches occurred, citing engagement with a security firm, though the hacker claimed to have warned PSM about vulnerabilities and received no response to inquiries about a bug bounty program. The FBI did not comment on the incident by the article's publication date.