Adult friend finder exposed
Troy Hunt, an Australian data breach expert who runs the Have I Been Pwned data breach notification site, says that at first glance some of the data appears legitimate, but it's still early to make a call. "I'd need to see a complete data set to make an emphatic call on it." If the data is accurate, it would mark one of the largest data breaches of the year behind Yahoo, which in October blamed state-sponsored hackers for compromising at least 500 million accounts in late 2014 (see Massive Yahoo Data Breach Shatters Records).
It also would be the second one to affect Friend Finder Networks in as many years.
Breach notification site first reported the attack, indicating that over 300 million Adult Friend Finder accounts were affected, as well as over 60 million accounts from
Other company holdings, such as Penthouse, Stripshow, and i Cams were also breached, for a total of 412,214,295 affected users.
CSOonline reported that someone had posted screenshots on Twitter showing a local file inclusion vulnerability in Adult Friend Finder.
CSOonline reported that the person posted a redacted image of a server and a database schema generated on Sept. In a statement supplied to ZDNet, Friend Finder Networks confirmed that it had received reports of potential security problems and undertook a review.
Some of the claims were actually extortion attempts.
Adult dating service company Friend Finder Network has reportedly been hacked, with over 412 million accounts, email addresses, and passwords from their websites made available on criminal marketplaces.
Notably, the database does not include more detailed personal information, but could still be used to confirm whether a person was a user of the service.
The hack also revealed that the company had kept information on 15 million accounts that users had deleted, as well as information on users for assets it no longer owned, such as Penthouse.