Even though most people don’t like to admit it, porn is one of the most popular features of the internet. Just remember, it’s not something usually spoken about at parties. Here is the problem, it has come to light that one of the biggest players in the online porn business has now been hacked. According to the breach notification website LeakedSource.com , the login credentials for over 412 million users of California-based FriendFinder Networks Inc have been compromised.
So What happened?
Friend Finder Network Inc. is the parent company that operates a wide range of 18+ adult websites. In October of 2016, it suffered its 2nd, and this time much bigger, account breach of over 400 million accounts. It seems the large number of accounts represents 20 years of customer data / history. By comparison, the MySpace breach affected 360 million users. This event also marks the second time Friend Finder has been breached in two years, the first being around May of 2015. The 2015 hack affected an estimated 3 1/2 million users.
A stated previously, FFN is the parent company for a number of sites. The breach is split among a number of the sites they run. The following list breaks down who got breached.
- Adultfriendfinder.com, known as the “World’s largest sex & swinger community”
- Cams.com, known as the place “Where adults meet models for sex chat live through webcams”
- Penthouse.com, The online home for the Adult magazine
- Stripshow.com, which is Another 18+ webcam site
- iCams.com, which offers “Free Live Sex Cams”
- In addition there is an Unknown domain (as of now) that FFN runs which as affected.
The Grand Total of affected users so far discovered = 412,214,295 (again as of now)
So How Did The Hack Happen?
For those who are geeky, the parent company FFN Network was hacked via a Local File Inclusion exploit. If you want a specific break down of the exploit CSOOnline.com has the details.
One of the more interesting stats is the number of registered email addresses that end in .gov and .mil. There are 5,650 addresses that end in .gov (as in US Government emails) and 78,301 addresses that end in .mil (as in the US Military). Needless to say, not judging anyones tastes online, but if you are going to visiting adult sites of this nature especially, couldn’t you take 5 extra minutes to create an account of a nondescript online web account (as in Gmail, Yahoo, or Live/Hotmail.com). In addition here is a break out of top 10 @ addresses breached.
So Now What?
Again, as said earlier, NOT JUDGING, however if you used any of the services listed and you have also used the same email / password on other sites, like work accounts, online billing, or anything else, you need to change your password ASAP. In addition, from an earlier Tech Geek and More post, you will want to consider turning on 2 factor authentication on your various login’s (where ever possible).
- Hacking Information – LeakedSource.com