412 million FriendFinder records exposed by code hackers

412 million FriendFinder records exposed by code hackers

Hacked records connected to AdultFriendFinder.com, Cams.com, iCams.com, Stripshow.com, and Penthouse.com

Six databases from FriendFinder Networks Inc., the business behind a number of the world’s biggest adult-oriented websites that are social have already been circulating online simply because they had been compromised in October.

LeakedSource, a breach notification site, disclosed the event completely on and said the six compromised databases exposed 412,214,295 accounts, with the bulk of them coming from AdultFriendFinder.com sunday

When expected straight concerning the problem, 1x0123, that is also understood in a few groups by the title Revolver, stated the LFI ended up being found in a module on AdultFriendFinder’s production servers.

Maybe maybe Not even after he disclosed the LFI, Revolver reported on Twitter the presssing issue ended up being remedied, and “. no consumer information ever left their web site.”

Their account on Twitter has since been suspended, but during the time he made those responses, Diana Lynn Ballou, FriendFinder Networks' VP and Senior Counsel of business Compliance & Litigation, directed Salted Hash in their mind in reaction to questions that are follow-up the event.

On 20, 2016, Salted Hash was the first to report FriendFinder Networks had likely been compromised despite Revolver’s claims, exposing more than 100 million accounts october.

Aside from the leaked databases, the presence of supply code from FriendFinder Networks' manufacturing environment, aswell as leaked public / private key-pairs, further put into the mounting proof the company had experienced a severe information breach.

FriendFinder Networks never offered any extra statements regarding the matter, even with the excess documents and supply rule became general public knowledge.

As stated, previous estimates placed the FriendFinder Networks information breach at a lot more than 100 million records.

These estimates that are early in line with the size of the databases being prepared by LeakedSource, in addition to provides being produced by other people online claiming to own 20 million to 70 million FriendFinder documents - most of them originating from AdultFriendFinder.com.

The main point is, these documents occur in numerous places online. They truly are being offered or shared with anybody who may have a pursuit inside them.

On Sunday, LeakedSource reported the count that is final 412 million users exposed, making the FriendFinder Networks leak the greatest one yet in 2016, surpassing the 360 million documents from MySpace in May.

This information breach additionally marks the 2nd time FriendFinder users have experienced their username and passwords compromised; the first occasion being in might of 2015, which impacted 3.5 million individuals.

The numbers disclosed by LeakedSource on Sunday include:

    339,774,493 records that are compromised AdultFriendFinder.com

hookupdates.net/datehookup-review 62,668,630 records that are compromised Cams.com

7,176,877 compromised documents form Penthouse.com

1,135,731 compromised documents from iCams.com

1,423,192 compromised documents from Stripshow.com

  • 35,372 compromised documents from an unknown domain
  • Every one of the databases have usernames, e-mail details and passwords, that have been kept as simple text, or hashed SHA1 that is using with. It really isn’t clear why such variants occur.

    “Neither technique is regarded as safe by any stretch of this imagination and in addition, the hashed passwords appear to have been changed to any or all lowercase before storage space which made them much easier to attack but means the qualifications may be slightly less helpful for harmful hackers to abuse when you look at the world that is real” LeakedSource said, talking about the password storage space choices.

    In every, 99-percent associated with passwords when you look at the FriendFinder Networks databases have already been cracked. Because of scripting that is easy the lowercase passwords aren’t likely to hinder many attackers who are seeking to make the most of recycled qualifications.

    In addition, a number of the documents within the leaked databases have actually an” that is“rm the username, which may suggest a reduction marker, but unless FriendFinder confirms this, there’s not a way to ensure.

    Another fascination when you look at the data centers on records with a contact target of email@address.com@deleted1.com.

    Once more, this can suggest the account ended up being marked for removal, however if therefore, why ended up being the record completely intact? Exactly the same might be expected when it comes to accounts with "rm_" within the username.

    More over, it is not clear why the business has documents for Penthouse.com, a residential property FriendFinder Networks offered early in the day this year to Penthouse worldwide Media Inc.

    Salted Hash reached off to FriendFinder Networks and Penthouse worldwide Media Inc. on Saturday, for statements also to ask extra concerns. Because of the time this short article had been written nonetheless, neither business had answered. (See update below.)

    Salted Hash additionally reached down to a number of the users with current login documents.

    These users had been section of an example range of 12,000 documents fond of the news. Not one of them reacted before this informative article decided to go to printing. During the time that is same attempts to start reports using the leaked current email address failed, given that target had been within the system.

    As things stay, it appears to be as though FriendFinder Networks Inc. happens to be completely compromised. Vast sums of users from all over the planet have experienced their reports exposed, making them available to Phishing, and sometimes even even worse, extortion.

    This can be specially detrimental to the 78,301 those who utilized a .mil current email address, or perhaps the 5,650 individuals who utilized a .gov current email address, to join up their FriendFinder Networks account.

    Regarding the upside, LeakedSource only disclosed the scope that is full of information breach. For the present time, use of the info is bound, also it will never be designed for general public queries.

    For anybody wondering if their AdultFriendFinder.com or Cams.com account happens to be compromised, LeakedSource claims it is far better simply assume it offers.

    “If anybody registered a free account just before November of 2016 on any Friend Finder site, they need to assume they've been affected and get ready for the worst,” LeakedSource said in a declaration to Salted Hash.

    On their internet site, FriendFinder Networks claims they do have more than 700,000,000 users that are total distribute across 49,000 web sites within their system - gaining 180,000 registrants daily.


    FriendFinder has released a notably general public advisory about the information breach, but none associated with affected web sites have already been updated to mirror the notice. As a result, users registering on AdultFriendFinder.com wouldn’t have an idea that the organization has experienced an enormous safety incident, unless they’ve been after technology news.

    In line with the declaration posted on PRNewswire, FriendFinder Networks will begin notifying users that are affected the info breach. But, it'sn’t clear when they shall inform some or all 412 million reports which were compromised. The organization nevertheless hasn’t taken care of immediately concerns sent by Salted Hash.

    “Based in the ongoing research, FFN will not be in a position to figure out the actual amount of compromised information. Nevertheless, because FFN values customers and takes to its relationship really the security of consumer information, FFN is within the procedure of notifying impacted users to present all of them with information and assistance with how they may protect by themselves,” the declaration stated to some extent.

    In addition, FriendFinder Networks has employed some other company to help its research, but this firm wasn’t known as straight. For the time being, FriendFinder Networks is urging all users to reset their passwords.

    In an appealing development, the pr release had been authored by Edelman, a strong recognized for Crisis PR. Just before Monday, all press needs at FriendFinder Networks had been managed by Diana Lynn Ballou, which means this is apparently a current modification.

    Steve Ragan is senior staff journalist at CSO. ahead of joining the journalism globe in 2005, Steve invested 15 years as being a freelance IT specialist centered on infrastructure administration and protection.

    Comments are closed.