DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Secrets for hundreds of millions exposed in largest hack of 2016: Friend Finder Network

Posted on November 13, 2016November 13, 2016 by Dissent

From LeakedSource.com:

Friend Finder Network Inc is a company that operates a wide range of 18+ services and was hacked in October of 2016 for over 400 million accounts representing 20 years of customer data which makes it by far the largest breach we have ever seen — MySpace gets 2nd place at 360 million. This event also marks the second time Friend Finder has been breached in two years, the first being around May of 2015.

A list of sites we have verified, how many affected accounts and a brief description are as follows:

  • Adultfriendfinder.com
    • 339,774,493 users
    • “World’s largest sex & swinger community”
  • Cams.com
    • 62,668,630 users
    • “Where adults meet models for sex chat live through webcams”
  • Penthouse.com
    • 7,176,877 users
    • Adult magazine akin to Playboy
  • Stripshow.com
    • 1,423,192 users
    • Another 18+ webcam site
  • iCams.com
    • 1,135,731 users
    • “Free Live Sex Cams”
  • Unknown domain
    • 35,372 users

Total: 412,214,295 affected users

How did it happen? They were hacked via a Local File Inclusion exploit and you can read more about the situation when it was initially reported from this link.

Read more on LeakedSource.com.

Zack Whittaker of ZDNet obtained some of the data and attempted to verify it. He reports:

ZDNet obtained a portion of the databases to examine. After a thorough analysis, the data does not appear to contain sexual preference data unlike the 2015 breach, however.

The three largest site’s SQL databases included usernames, email addresses, and the date of the last visit, and passwords, which were either stored in plaintext or scrambled with the SHA-1 hash function, which by modern standards isn’t cryptographically as secure as newer algorithms.

Read more on ZDNet.

Steve Ragan of CSO Online also has additional details on the incident that you’ll want to read.

There will obviously be much more coverage and analysis of this breach in the weeks, months, and even years to come. The most deadly questions may be those that ask FFN what they did following the first breach to prevent this second breach.

 

Related Posts:

  • Large online dating site AdultFriendFinder confirms…
  • mSpy and Adult Friend Finder Breaches a Boon to…
  • What did Adult Friend Finder know and when did they…
  • Feds and cops outed as hacker dump exposes ties to…
  • Hackers Claim to Have a Stunning 427 Million Myspace…

Post navigation

← AU: Big W shutters online shopping after data leak
AU: Human Services admits privacy breach. →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)
  • Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
  • CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
  • Seeking clarification on Maine’s data breach notification statute
  • East River Medical Imaging notifies 605,809 patients of breach
  • Russian hackers exploiting Outlook bug to hijack Exchange accounts
  • Britain dismisses report claiming Sellafield nuclear site hacking, says no malware exists on our system
  • 23andMe data breach: Hackers accessed data of 6.9 million users

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net