The money came from their 'bug-bounty' fund
The Ashley Madison scandal sent shockwaves around the world as user information was posted online by hackers. The sensitive information was exposed online causing severe embarrassment and upset for those involved. It would seem that visitors to PornHub narrowly avoided the same fate.
Security researchers made it their mission to hack into the site's database. This database contains user information and other such info visitors to the site would, probably, want kept off the record.
The researchers were awarded $20,000 for their troubles by the site. Porn Hub have a 'bug bounty', which gets paid out to hackers and security researchers who identify flaws in their security system.
While the hackers could cause serious trouble for visitors to the site, they have committed to not leaking the information they accessed. They say the exercise was motivated purely by money.