Latest in Gear

Image credit:

AdultFriendFinder hack puts 412 million accounts at risk

Over 20 years of data is out in the open.
Jon Fingas, @jonfingas
November 13, 2016
Share
Tweet
Share

Sponsored Links

There have been some massive data breaches in recent years, but the latest might just top them all. LeakedSource reports that a hack targeting Friend Finder Network has exposed over 412 million accounts, most of them (339 million) belonging to sex hookup site AdultFriendFinder. Users at Cams.com (62 million), Penthouse (7 million) and a handful of smaller sites were also affected. This reportedly represents about 20 years' worth of data, and handily eclipses the 360 million records from the MySpace breach.

The vulnerable data includes some particularly sensitive details. While it's not as bad as a 2015 breach, where sexual preferences were in the clear, the hack has revealed usernames, purchasing patters, internet addresses and easily crackable (or in some cases, unprotected) passwords. ZDNet has verified that at least some of the accounts are real.

Friend Finder Networks hasn't directly confirmed the intrusion, but it does acknowledge that it received reports of "potential security vulnerabilities," some legitimate while others were extortion schemes. The company says it fixed one hole in its code and has asked for help from the "right external partners" for its investigation. Penthouse, meanwhile, says it's aware of the hack and is just waiting for a "detailed account" of what happened and what the solutions may be.

While the chances of someone going on a shopping spree with this info are slim, there's still plenty of risk involved. Login details can reveal identities and open the door to account hijacks, and the age of the database raises extra potential for mischief -- say, blackmailing someone who may have abandoned AdultFriendFinder years ago and doesn't want their past coming back to haunt them. Either way, Friend Finder Networks will want to beef up its user data safeguards, not just prevent hackers from reaching that data.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

The Morning After: Amazon Echo (2020) review

The Morning After: Amazon Echo (2020) review

View
What we bought: Our favorite USB-C chargers

What we bought: Our favorite USB-C chargers

View
A massive spam attack is ruining public 'Among Us' games

A massive spam attack is ruining public 'Among Us' games

View
Custom PS5 covers are already a thing

Custom PS5 covers are already a thing

View
NASA works to secure the OSIRIS-REx asteroid sample

NASA works to secure the OSIRIS-REx asteroid sample

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr