FriendFinder Network Data Breach Affects Over 400 Million User Accounts

Data breaches are nothing new under the sun. Major networks are hacked on a regular basis, and millions of users fall victim. In the case of Friendfinder Networks, over 400 million users’ details have leaked, which is one of the largest data breaches in the world to date. This makes the Ashley Madison hack, which exposed 32 million accounts, look rather insignificant in comparison.  

FriendFinder Networks Hosts A Lot of Popular Sites

Very few people will know the name FriendFinder Networks, even though the sites that this group operates are more than well-known. AdultFriendFinder, Penthouse, iCams, and a few other site are all property of this conglomerate. Unfortunately, the company’s growth and success attract the wrong crowd, and hackers managed to breach over 412 million accounts.

The intrusion itself took place in October of 2016, according to TechCrunch. The vast majority of compromised accounts belong to AdultFriendFinder, which saw over 300 million users affected. It is evident that the adult-oriented platforms are a primary target for hackers all over the world, as there is a huge demand for these login credentials on the underground markets.

Not too many details regarding the data breach are known right now. Initial reports seem to indicate that a local file inclusion exploit was used. By using this vulnerability, hackers were able to access all of the FriendFinder Networks’ websites. This also explains why all of the conglomerate’s platforms suffer from this data breach.

That being said, the security provided by these individual platforms was not all that great either. FriendFinder Networks has a habit of storing passwords in plaintext or hashing them with the SHA1 algorithm. Using a vulnerable encryption system is not a great way of making sure that information remains hidden from prying eyes.

Even deleted user accounts are not safe from harm. LeakedSource mentioned how 15 million user accounts, which were no longer active on any of their sister sites, were retained in a database for some unknown reason. All of this points to a combination of technological incapability and human error on behalf of FriendFinder Networks.

For now, it remains to be seen what the hackers attempt to do with this information. No one using adult-oriented sites wants their information to fall into the wrong hands. Moreover, it is likely that phishing and social engineering attacks will be directed towards these users in the coming months. This is a very troublesome development that once again shows the real issues at stake.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.