Adult FriendFinder Hack Exposes 412 Million User Accounts

  • Tuesday, December 06 2016 @ 10:25 am
  • Contributed by:
  • Views: 1,994

A hack against popular adult dating and entertainment company FriendFinder Networks has exposed personal data linked to more than 412 million user accounts. The breach is one of the largest in history, and marks the second such incident at the company in two years.

Nearly 340 million accounts from the company’s flagship site, Adult FriendFinder, were compromised according to a report from LeakedSource. The hack also targeted other sites owned by FriendFinder Network, including, and records from, which was sold in February.

The Adult FriendFinder data stretched back 20 years. Information such as usernames, emails, and join dates was stolen, along with account passwords (the majority of which featured unsecured protections or none at all) and membership data like VIP status and browser information. The cache also appears to include 15 million email addresses from deleted accounts. Hack Exposes Passwords (And More) Of 40 Million Users

  • Wednesday, June 22 2016 @ 06:52 am
  • Contributed by:
  • Views: 1,728
Password Security

Fresh off the news that had been hacked comes another tale of privacy violation. This time, is the victim of the breach.

International Business Times reports that tens of millions of credentials were stolen from the adult dating website and put up for sale on the dark web. The information allegedly includes usernames, plain text passwords, email addresses, IP addresses, gender, sexual preferences, and date of birth records. It appears that some of the accounts belong to Fling administrators.

According to the hacker responsible for the breach - who goes by the pseudonym ‘peace_of_mind’ - the data dump contains more than 40 million records. It’s currently on sale for 0.8874 bitcoins, which is worth approximately $411 at the time of writing.

Vice Motherboard obtained a sample of the data from the hacker. The individual to whom the domain is registered then confirmed its legitimacy.

“We take internet security very seriously,” he wrote in an email to Motherboard. “Our site is free to join and we do not store any credit card information. We've investigated the sample data and it is from a breach that happened in 2011.”

Motherboard also shared the sample data with security researcher Troy Hunt, proprietor of the breach notification website “Have I Been Pwned?” Using HIBP, Hunt discovered and contacted two victims of the Fling breach. One confirmed their full password in the sample. The second claimed they had no recollection of joining the site, but said the beginning of the password was something they have used in the past.

On the bright side, some of the email addresses in the sample did not appear to belong to any Fling accounts. Motherboard tested 101 addresses and found that only 61 were already in use.

Additionally, some of the accounts included in the data may have been disabled prior to the breach. “Accounts in the sample were also flagged with settings such as ‘admin_disabled,’ ‘user_disabled,’ or “active,’” writes Motherboard. “However, these flags seemed to have no bearing on whether an email address was already in use or not on Fling.”

Continued investigation provided further reason to believe that not all the accounts for sale are valid. Motherboard found that accounts can be created on Fling without clicking a verification link sent to an email address. They also found that Fling passwords are required to include numbers, though many passwords in the sample data only contained letters.

To be on the safe side, anyone who has used should change their password - particularly if it has been used for more valuable services, like an email account or bank account.

Ashley Madison Hired Beautiful Women to Pose as Founders of Subsidiary Sites

  • Tuesday, October 27 2015 @ 06:48 am
  • Contributed by:
  • Views: 785

Ashley Madison, the notorious dating website for married people, has been immersed in scandal since the company’s database was hacked a few months back. First, the hackers threatened to reveal users of the site, and then, it was discovered that most of the 5 million women registered on the site (a fraction of the number of men registered on the site) were actually linked to fake email addresses set up by employees of the website.

Now another potentially damaging piece of information has been uncovered by The Toronto Sun. Apparently, Ashley Madison’s parent company Avid Life Media, which owns several other dubious dating sites such as Cougar Life, The Big and the Beautiful, and Established Men, have been hiring attractive women to pose as founders of these dating sites.

According to the report in The Toronto Sun, Avid Life Media was trying to work the best PR angles possible to attract attention to these sites, a strategy that worked with Ashley Madison. Simply by trying to purchase ad space in a mainstream publication or even airtime during the Super Bowl, Ashley Madison received a lot of media attention – notably because they were refused the ad space/ time. However, new angles had to be thought out for the other Avid Life sites, including Cougar Life.

Cougar Life was repped by Claudia Opdenkelder, a beautiful spokesperson who portrayed herself to be the founder of the dating site which matched older women with younger men. "Why shouldn’t older women have younger men to love, just as older men can pursue younger women?" she campaigned to such outlets as The Globe and Mail and New York Times. She managed to generate a lot of coverage for the dating site.

The Big and the Beautiful followed suit by hiring plus-size America’s Next Top Model winner Whitney Thompson, who claimed to have founded the dating site, which caters to men looking for plus-sized women. Simone Dadoun-Cohen represented herself as the founder of Established Men, a site aimed at wealthy men who are looking for some arm candy – much like dating site Dadoun-Cohen claimed to be stripping to put herself through college before she met her wealthy boyfriend, hence the idea for the app. However, this turned out to be a made-up story.

The information was leaked from hackers of the Ashley Madison site, who also managed to get their hands on emails between former Avid Life CEO Noel Biderman, who stepped down after the hacking incident, and former media relations manager Shari Cogan. In the emails, the two discussed plans of what they would do about a potentially damaging segment about Cougar Life on ABC’s Nightline. “I don’t want this turning in to a witch hunt,” Biderman wrote. “We don’t want the site and Claudia to look like ‘frauds.'”

As of now, the three women who posed as the websites’ CEOs are no longer employed by Avid Life Media. Opdenkelder settled a lawsuit she brought against the company.

It must be noted that journalists went along with the stories of the CEOs without fact-checking, just taking their sources’ word for it – in this case, the PR staff of Avid Life Media. It seems the story made for better headlines than the truth.