View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 14, 2016

412 million accounts hacked in FriendFinder Networks data breach

The hackers also reportedly obtained details of over 15 million deleted accounts.

By CBR Staff Writer

Adult dating and entertainment company FriendFinder Networks has been hit by a cyber attack which has reportedly exposed account details of its 412 million users.

The cyber attack was carried out on AdultFriendFinder, Cams.com, Penthouse, Stripshow and/or iCams.com, which are all owned by FriendFinder Networks.

While the details of 339 million accounts from AdultFriendFinder.com were exposed in the attack, Cams.com saw 62 million accounts being disclosed.

The hackers also gained access to more than 15 million “deleted” accounts that were not removed from the databases.

Penthouse.com saw the attack exposing details of 7 million accounts, while the hackers obtained a few million from other smaller properties owned by the company, ZDNet reported.

According to LeakedSource, which obtained the data, the breach accounted for two decades’ of accumulated data from the company’s largest sites.

Friend Finder Networks confirmed the site vulnerability to ZDNet, but did not confirm the attack.

Content from our partners
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer
Financial management can be onerous for CFOs, but new tech is helping lighten the load

Friend Finder Networks vice president and senior counsel Diana Ballou was quoted by the publication as saying: “Over the past several weeks, FriendFinder has received a number of reports regarding potential security vulnerabilities from a variety of sources.

“Immediately upon learning this information, we took several steps to review the adultfriendfindersituation and bring in the right external partners to support our investigation.

“While a number of these claims proved to be false extortion attempts, we did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability.”

The breach took place when a security researcher Revolver had revealed that the AdultFriendFinder site contained a local file inclusion flaw.

The researcher said that the flaw, if successfully exploited, could enable a hacker to remotely run malicious code on the web server.

However, the attacker is yet to be identified.

The latest breach is the second faced by FriendFinder Networks after a hack last year that exposed nearly 4 million accounts, which included sensitive information, including sexual preferences and whether a user was looking for an extramarital affair.

In the current attack, the data does not seem to contain sexual preference data unlike the 2015 breach, the publication said.

Topics in this article: , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy Policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.
THANK YOU