The Candid Board charges its users $19.99 a month for a subscription, and provides pictures taken up women's skirts - often without the subject's knowledge.
A New York-based cloud hosting provider called Webair was managing the details at the time of the hack, which targeted a "misconfigured database."
The source told IBTimes: "I decided to contact the hosting company Webair.
"When I described the issue to the support on the other side, he immediately understood what the problem was.
"It was almost as if they were aware of the problems in their system."
Since then, HaveIBeenPwned, a breach notification website, has uploaded the data to its service, but it will only be discoverable by verified owners.
Troy Hunt, who manages HaveIBeenPwned, told IBTimes: "It's amazing how much personal data people will entrust sites of this nature with.
"Members provided accurate email addresses and birthdates which combined with their IP address now very clearly ties them back to a site of very questionable legal status."
In an FAQ, the website states: "We do not want to limit people by a narrow definition of what is and what is not "candid".
"Basically anything un-posed and non-professional is allowed as long as no board rules are broken."
This is not the first time that details have been leaked from a porn site.
In September, the names of nearly 800,000 users of Brazzers were leaked online.
While the stolen data relates to login details for the Brazzers forum rather than the main site, it is thought that many users have duplicated their passwords across both.
