Adult FriendFinder dating site hack exposes million users

Pierluigi Paganini May 23, 2015

Cyber criminals have hacked the popular online dating websites Adult FriendFinder leaking the highly sensitive sexual information on a forum in the dark web.

The popular dating website Adult FriendFinder was hacked, it suffered a massive data breach that potentially exposed personal details of nearly 4 Million users.

According to Channel 4 News, the information was offered on a secretive forum by a hacker using the nickname ROR[RG]. The site has 63 million users worldwide and claims more than 7 million British members.

The stolen data from Adult FriendFinder and available for sale on the dark web, includes email addresses, usernames, dates of birth, postcodes and IP addresses.

Adult FriendFinder 2

At the time I’m writing, no one has claimed responsibility for the data breach, the company has confirmed the incident but hasn’t provided any information on the number of customers affected by the attack.

The story was first reported by The Channel 4 news website on Thursday and warned users of the popular dating website that has more than 64 million members.

“The stolen data reveals the sexual preferences of users, whether they’re gay or straight, and even indicates which ones might be seeking extramarital affairs. In addition, the hackers have revealed email addresses, usernames, dates of birth, postal codes and unique internet addresses of users’ computers.” reported the Channel 4 site.

Differently from other data breaches, hackers have stolen information on the sexual habits of the victims. Data could be used by cyber criminals that want to blackmail people to extort money, and unfortunately, someone is already using the embarrassing data for illegal activities as reported by Channel 4.

Shaun Harper is one of the victims of the Adult FriendFinder data breach, his details were made public, even after he had already deleted his account. This particular is even more disconcerting because it is the demonstration that Adult FriendFinder do not wipe the data from its archive after customers leave.

“FriendFinder Networks Inc understands and fully appreciates the seriousness of the issue. We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert. We pledge to take the appropriate steps needed to protect our customers if they are affected.” is the comment released by Adult FriendFinder Networks to Channel 4 News.

According to Channel 4, the criminals behind the attack have blackmailed victims trying to extort $100,000 to avoid the publishing of the data online.

The files leaked online contain data related to numerous government and armed services personnel, including members of the British Army.

Adult FriendFinder 3 data

“Where you’ve got names, dates of birth, ZIP codes, then that provides an opportunity to actually target specific individuals whether they be in government or healthcare for example, so you can profile that person and send more targeted blackmail-type emails,” says Charlie McMurdie, a cybercrime specialist for PwC and former head of the Metropolitan Police‘s electronic crime unit.

Stay Tuned …

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Adult FriendFinder, data breach)

you might also like

leave a comment