Products
▸
Authors of LeakedSource blog where information on leakages in the network is published reported an incident, which resulted in at least 412 million compromised user accounts. These users are the visitors of one of the world’s largest dating sites for adults AdultFriendFinder.com and similar resources of this company. E-mail addresses, user names, and passwords got in the wrong hands.
According to the estimations of LeakedSource, the majority of accounts were registered on the Hotmail e-mail addresses (about 96 million accounts), Yahoo (74,5 million), and Gmail (61,7 million). Analysts counted 5,650 accounts tied to the addresses in the US government .gov domain and 78, 300 accounts tied to the addresses in the domains that belong to the US Department of Defense.
Analysts of LeakedSource claim that personal data of Adult Friend Finder members was kept either in the clear or using a weak encryption method so it was possible to decrypt 99% of passwords. A set of numbers from 1 to 6 turned out to be the most common password. This sequence was used more than 900 thousand times.
Having studied the database, LeakedSource concluded that Adult Friend Finder had been also keeping data of visitors that had already deleted their accounts.
After the incident, the service’s official representatives said that within a few weeks they had been receiving letters indicating information security flaws. After that, the company conducted its own investigation and eliminated the flaws. However, the measures taken were insufficient.
Adult Friend Finder leakage is the most large-scale one, at least since the beginning of 2016. Experts have compared it to the breach of Yahoo users’ data that occurred two years ago. Officially, Yahoo breach involved more data (about 500 million records), but the passwords were mostly available in the encrypted form so journalists called the incident with Adult Friend Finder “the biggest hacking in the history of mankind.”
The Adult Friend Finder owners advertise the web-site as the “world’s largest” ground for finding lovers. In 2015, the resource, founded 20 years ago, was already attacked informative post. Then personal information of 4 million users was stolen.