The adult dating service company Friend Finder Network has reportedly been hacked.
According to the latest information available, the “world’s largest sex & swinger community” experienced a breach in October.
The hack has resulted in over 412 million accounts, e-mail addresses and passwords from their network of websites being stolen and being made vailable for purchase on online criminal marketplaces.
Probably very thankfully for the websites owners, the stolen database does not include as much detailed personal information, as last year’s now infamous Ashley Madison hack.
Crucially however, the data could still be used to confirm whether a person is a current or past user of the service.
The cyberattack was first reported by the LeakedSource website, where the initial number of stolen accounts was estimated that over 300 million AdultFriendFinder accounts were affected.
Other sites from within the Friends Finder network included stolen account information from Cams.com, Stripshow, and iCams.
As a telling aside at just how insecure many users were when it came to their security, some of the common passwords used included 123456, 123456789, password, qwerty, and pussy, fu**me, f***you and iloveyou. I mean, really? Really?
Encryption, what encryption?
As details about the hack continue to grow, it has also now become apparent that the company was still keeping information on an estimated 15,000,000 accounts that users had deleted.
Much of the stolen data also appears to have had either limited or no encryption protection.
Information from the hack has also revealed that the company had kept information on 15 million accounts that users had deleted, as well as information about assets it no longer owned, such as Penthouse.
The Ashley Madison Comparison
The July 2015 hack of AshleyMadison.com had to contend with the fact that a mere 32 million user accounts were hacked. Of course, the extortion campaign that followed was notable for its headline grabbing extortion attempts, and the subsequent social fallout that followed…
No, by the looks of it, no financial information was taken in the cyber-attack, so Friend Finder users are unlikely to find their bank accounts being emptied, but the risk of personal identification is apparently quite high.
A spokesperson for the Friend Finders network only confirmed that a possible security violation at the company had taken place.