As previously mentioned, previous estimates put the FriendFinder Networks information breach at a lot more than 100 million reports

Hacked records connected to AdultFriendFinder.com, Cams.com, iCams.com, Stripshow.com, and Penthouse.com

Six databases from FriendFinder Networks Inc., the organization behind a number of the world’s biggest adult-oriented websites that are social have now been circulating online given that they had been compromised in October.

LeakedSource, a breach notification web site, disclosed the event completely on and said the six compromised databases exposed 412,214,295 accounts, with the bulk of them coming from AdultFriendFinder.com sunday

It’s thought the incident occurred just before October 20, 2016, as timestamps on some records suggest a login that is last of 17. This schedule can also be somewhat verified by the way the FriendFinder Networks episode played down.

On 18, 2016, a researcher who goes by the handle 1×0123 on Twitter, warned Adult FriendFinder about Local File Inclusion (LFI) vulnerabilities on their website, and posted screenshots as proof october.

When expected straight concerning the problem, 1×0123, that is additionally understood in a few sectors by the title Revolver, stated the LFI ended up being found in a module on AdultFriendFinder’s production servers.

Maybe Not very long after he disclosed the LFI, Revolver claimed on Twitter the presssing issue ended up being fixed, and “. no consumer information ever left their web web site.”

Their account on Twitter has since been suspended, but at the time he made those responses, Diana Lynn Ballou, FriendFinder Networks’ VP and Senior Counsel of business Compliance & Litigation, directed Salted Hash for them as a result to follow-up questions regarding the event.

On October 20, 2016, Salted Hash had been the first to ever report FriendFinder Networks had most likely been compromised despite Revolver’s claims, exposing significantly more than 100 million records.

As well as the leaked databases, the presence of supply rule from FriendFinder Networks’ production environment, aswell as leaked public / private key-pairs, further put into the mounting proof the corporation had experienced a severe information breach.

FriendFinder Networks never offered any extra statements regarding the matter, even with the excess documents and supply rule became general public knowledge.

These estimates that are early on the basis of the measurements associated with the databases being processed by LeakedSource, along with provides being produced by others online claiming to own 20 million to 70 million FriendFinder documents – a lot of them originating from AdultFriendFinder.com.

The overriding point is, these documents occur in numerous places online. They are being sold or shared with anybody who could have a pursuit inside them.

On Sunday, LeakedSource reported the count that is final 412 million users exposed, making the FriendFinder Networks leak the greatest one yet in 2016, surpassing the 360 million documents from MySpace in might.

This information breach additionally marks the 2nd time FriendFinder users have experienced their username and passwords compromised; the 1st time being in May of 2015, which impacted 3.5 million individuals.

The figures disclosed by LeakedSource on include sunday:

62,668,630 compromised documents from Cams.com

7,176,877 compromised documents form Penthouse.com

1,135,731 compromised documents from iCams.com

1,423,192 records that are compromised Stripshow.com

  • 35,372 compromised records from an unknown domain
  • Most of the databases have usernames, e-mail details and passwords, that have been kept as simple text, or hashed utilizing SHA1 with pepper. It really isn’t clear why variations that are such.

    “Neither technique is considered protected by any stretch regarding the imagination and moreover, the hashed passwords appear to have been changed to any or all lowercase before storage space which made them much easier to strike but means the qualifications is likely to be somewhat less helpful for harmful hackers to abuse into the real-world,” LeakedSource said, speaking about the password storage space choices.

    In every, 99-percent regarding the passwords when you look at the FriendFinder Networks databases happen cracked. As a result of scripting that is easy the lowercase passwords aren’t planning to hinder many attackers who will be trying to make the most of recycled qualifications.

    In addition, a number of the documents into the leaked databases have actually an “rm_” before the username, which may suggest a reduction marker, but unless FriendFinder verifies this, there’s no chance to be sure.

    Another fascination into the information centers on reports with a message address of email@address.com@deleted1.com.

    Once again, this can suggest the account had been marked for removal, however, if therefore, why had been the record completely intact? Exactly the same might be expected for the accounts with “rm_” within the username.

    Furthermore, it is not clear why the business has documents for Penthouse.com, a house FriendFinder Networks offered previously this to Penthouse Global Media Inc year.

    Salted Hash reached away to FriendFinder Networks and Penthouse worldwide Media Inc. on Saturday, for statements also to ask extra concerns. This article was written however, neither company had responded by the time. (See update below.)

    Salted Hash additionally reached down to a number of the users with current login documents.

    These users had been section of an example a number of 12,000 documents fond of the news. Not one of them reacted before this short article visited printing. During the time that is same tries to start records utilizing the leaked current email address failed, whilst the target was already within the system.

    As things stay, it appears to be just as if FriendFinder Networks Inc. was completely compromised. Vast sums of users from all over the planet have experienced their reports exposed, making them available to Phishing, if not even worse, extortion.

    This will be specially detrimental to the 78,301 individuals who used a .mil current email address, or even the 5,650 those who utilized a .gov current email address, to join up their FriendFinder Networks account.

    From the upside, LeakedSource just disclosed the complete range associated with the data breach. For the time being, usage of the info is bound, also it shall never be designed for general general public queries.

    For anybody wondering if their AdultFriendFinder.com or Cams.com account happens to be compromised, LeakedSource claims it is better to simply assume this has.

    “If anybody registered a free account just before November of 2016 on any Friend Finder site, they ought to assume these are typically affected and get ready for the worst,” LeakedSource said in a declaration to Salted Hash.

    On the web site, FriendFinder Networks says they do have more than 700,000,000 users that are total distribute across 49,000 internet sites in their system – gaining 180,000 registrants daily.


    FriendFinder has given an advisory that is somewhat public the information breach, but none associated with affected web sites have already been updated to mirror the notice. As a result, users registering on AdultFriendFinder.com wouldn’t have an idea that the organization has experienced an enormous safety event, unless they’ve been technology news that is following.

    In line with the declaration posted on PRNewswire, FriendFinder Networks will begin notifying users that are affected the information breach. But, it really isn’t clear should they will alert some or all 412 million reports which have been compromised. The business continues to haven’t taken care of immediately concerns delivered by Salted Hash.

    “Based regarding the ongoing research, FFN is not in a position to figure out the precise amount of compromised information. Nonetheless, because FFN values customers and takes to its relationship really the security of consumer information, FFN is in the means of notifying affected users to produce all of them with information and assistance with the way they can protect themselves,” the declaration stated to some extent.

    In addition, FriendFinder Networks has hired a firm that is outside help its research, but this company wasn’t known as straight. For the time being, FriendFinder Networks is urging all users to reset their passwords.

    The press release was authored by Edelman, a firm known for Crisis PR in an interesting development. Just before Monday, all press demands at FriendFinder Networks had been managed by Diana Lynn Ballou, which means this seems to be a change that is recent.

    Steve Ragan is senior staff writer at CSO. just before joining the journalism world in 2005, Steve invested 15 years as a freelance IT specialist dedicated to infrastructure management and safety.