Adult FriendFinder.com Hacked

An adult website just got hacked. Customers are nervous, regretful. There’s a good chance that some husbands and wives, boyfriends and girlfriends, soccer moms, up-and-coming young executives and politicians (and millions more) are holding their breath, hoping for the best, changing their ways and may even be headed to church soon. That’s because an adult-oriented website, FriendFinder.com, was hacked in late 2016 and information relating to more than 400 million personal accounts on the site was stolen. Some of the information—usernames and passwords, primarily—had been kept on the books, and on the website, for more than 20 years. It seems that the same website was hacked 12 months earlier. If customers heard about it then but didn’t change their ways, it came back to haunt them. But even if they did change their ways, the news isn’t good. News reports said that even customers of the site who perhaps changed their mind and deleted their accounts might still be exposed. That’s because 15 million accounts that were supposed to have been deleted by FriendFinder, by customer request, were never taken completely off the books. That’s what you call, back luck. FriendFinder users can only hope that the leaked data remains relatively hidden and not made public and “searchable on a highly trafficked website.” That’s what happened in 2015 to the website for married people looking for affairs, Ashley Madison. Millions of their customers’ names, addresses, email addresses and more were stolen, published and spotlighted by hackers. FriendFinder.com, it seems, is an umbrella for a handful of online adult-themed sites, including AdultFriendFinder, which accounted for about 60 million users. Customer credentials were also taken from Penthouse.com, Cams.com, Stripshow.com and…well, you get the R-rated picture. So far, the group that reported the hack, LeakedSource.com, has not formally published the stolen information, but security experts say the information is out there for others to find, see and possibly post on the Internet. According to news reports, LeakedSource.com is “an anonymously run website that sells access to stolen records.” Some security experts say that LeakedSource published more than 2 billion records in 2016, including stolen customer data from hacker attacks on LinkedIn and MySpace. But LeakedSource.com wasn’t the organization behind the hack. LeakedSource itself hinted that an anonymous hacker group reported in October that they had infiltrated the AdultFriendFinder.com network (run by FriendFinder) and found a programming flaw. That flaw, which hackers search for hoping to find, opened the door to user information. Why did they choose to attack an adult-themed website, one that you might call a “gaming” website for the lonely, lustful and leery? It could simply have been a hack of opportunity. A spokesman for FriendFinder Networks couldn’t confirm LeakedSource’s claims, but admitted they were “investigating reports of potential security vulnerabilities.” Still, they took swift steps to notify their customers of the potential attack and provided tips on how they might protect themselves. For the victims who have been affected—and may be exposed—by the hack on FriendFinder, the following advice applies: