People with accounts on Adult FriendFinder, Penthouse, Cams.com, Stripshow and various other adult networks have had their accounts compromised and if you have used the same password on a different network then you might need to change your passwords.
The parent company for all these networks was hacked and as a result, more than 400 million accounts were compromised, as Leaked Source reported. This is in start contrast with the Ashley Madison hack which was only for 32 million people.
The cyber attackers apparently breached the FriendFinder Networks last month and that is how they managed to gain access to the 300 million accounts which are on Adult FriendFinder. The network markets itself to be the ‘World’s largest sex and swinger community’.
Together with the Adult FriendFinder network, the hackers also got into the Cams.com network where they got 62 million accounts, a sex chat which uses live webcams. The hackers also managed to knock about 7 million accounts from Penthouse.com, 1.4 million on the Stripshow network, and 1.1 million on the iCams.com network. They also managed to receive about 35,000 accounts on one unknown domain.
Reports indicate that the FriendFinder’s network might have been hacked through one of the local file inclusion exploits, which had given the hackers a chance to access all of the network’s sites. Leaked Source said that they were working to get the data accessible to the general public at the moment.
FriendFinder was also criticized for messing up their techniques in various ways. The company is said to have stored their passwords in plain text and there was no protection on it, and for those which they hashed they only used the surprisingly weak SHA1 algorithm, Leaked Source reported.
The company is also known to have kept some logins for some sites which they don’t even run anymore. It is reported that the company was also retaining password and email addressed for over 15 million people who had deleted their accounts in the first place.
The FriendFinder Networks Vice President and Senior Counsel, Diana Ballou, said that during the past few weeks, the company has received some potential security vulnerabilities from a slew of sources and they were working on the issue.
She also said that immediately after they had received the information, the company had taken some steps so as to review the situation and they had brought in the required third party companies to help with the problem. Ballou also noted that some of the claims were just attempts to source money out from them, but the company had put forth the necessary measures to deal with the problem.