AdultFriendFinder hack “exposes 412 million users”
A hook-up and dating site company has allegedly been hacked, exposing more than 412 million user accounts. FriendFinder Networks, which operates sites including AdultFriendFinder, Cams.com and Millionaire Mate, has been hit with a massive hack, according to breach-tracking site Leaked Source.
While the most common accounts included in the data dump were from AdultFriendFinder and Cams.com, with more than 339 million and 62 million respectively, there were also more than seven million account credentials from penthouse.com, a domain that the company sold back in February.
Leaked Source also found more than 15 million emails in the database in the format of “firstname.lastname@example.org@deleted1.com”. The site claimed that signing up with an email in this format is impossible, saying that the “@deleted” suffix was added by FriendFinder Networks.
“We’ve seen this situation many times before and it likely means these were users who tried to delete their account[s],” Leaked Source said. “The data is obviously still kept around because, you know, we’re looking at it.”
A total of at least 125 million passwords were stored in plain text. Even those that were protected were only hashed with SHA1, a hashing algorithm that major vendors have discontinued due to the ease with which it can be cracked.
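To make the storage contrast concrete, here is an added example (not code from the article or from FriendFinder Networks) that audits a constructed credential table for the three states the report implies, plain text, bare SHA1, and a salted slow KDF, and shows how a legacy row is rehashed at next login. The record format, the `pbkdf2_sha256$` prefix, the iteration count and the assumption that the SHA1 hashes carried no per-user salt are all assumptions of this example, not details from the article.

```python
import hashlib
import hmac
import os
import re
from collections import Counter

# Constructed sample of a credential table (not real data): plain text,
# unsalted SHA-1 (assumed format), and nothing yet under a proper KDF.
SAMPLE_RECORDS = [
    ("user1@example.org", "hunter2"),                              # plain text
    ("user2@example.org", hashlib.sha1(b"letmein").hexdigest()),   # unsalted SHA-1
    ("user3@example.org", hashlib.sha1(b"letmein").hexdigest()),   # same hash: no salt
]

SHA1_HEX = re.compile(r"^[0-9a-f]{40}$")
KDF_PREFIX = "pbkdf2_sha256$"     # hypothetical on-disk tag for migrated rows
ITERATIONS = 200_000              # placeholder work factor; tune for your hardware

def classify_stored(value):
    """Label how a stored password field was protected (assumed formats)."""
    if value.startswith(KDF_PREFIX):
        return "pbkdf2"
    if SHA1_HEX.match(value):
        return "unsalted_sha1"
    return "plaintext"

def hash_password(password, salt=None):
    """Salted, iterated PBKDF2-HMAC-SHA256; the salt makes equal passwords differ."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{KDF_PREFIX}{ITERATIONS}${salt.hex()}${dk.hex()}"

def verify_password(password, stored):
    """Recompute with the stored salt and iteration count, compare in constant time."""
    _, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)

def audit(records):
    """Count storage formats so weak rows can be prioritised for migration."""
    return Counter(classify_stored(value) for _, value in records)

def migrate_row(password, stored):
    """At the next successful login, rehash a legacy row under the KDF."""
    if classify_stored(stored) == "pbkdf2":
        return stored
    legacy_sha1 = hashlib.sha1(password.encode()).hexdigest()
    if hmac.compare_digest(stored, password) or hmac.compare_digest(stored, legacy_sha1):
        return hash_password(password)
    raise ValueError("password does not match legacy record")
```

Running `audit(SAMPLE_RECORDS)` on the sample reports one plaintext row and two unsalted SHA1 rows, and the two SHA1 rows are byte-identical because the same password with no salt always hashes to the same value.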
The existence of a Local File Inclusion (LFI) vulnerability in FriendFinder Networks’ database was brought to the attention of the company last month by a security researcher known on Twitter as 1x0123 (now real1x0123).
They told our sister site IT Pro today that the attackers used this same security flaw to infiltrate the company.
IT Pro approached FriendFinder Networks to ask if and how the breach occurred, and for comment on Leaked Source’s claims. In a statement, the company did not elaborate on the nature of the vulnerability but confirmed it has opened a security investigation.
“Over the past several weeks, we have received a number of reports regarding potential security vulnerabilities from a variety of sources,” FriendFinder Networks said in its statement, emailed to IT Pro. “Immediately upon learning this information, we took several steps to review the situation and bring in the right external partners to support our investigation. Our investigation is ongoing but we will continue to ensure all potential and substantiated reports of vulnerabilities are reviewed and if validated, remediated as quickly as possible.”
It added: “FriendFinder takes the security of its customer information seriously and is in the process of notifying affected users to provide them with information and guidance on how they can protect themselves. We will provide further updates as our investigation continues.”