Immediately upon learning this information, we took several steps to review the situation and bring in the right external partners to support our investigation," said Diana Ballou, vice president and senior counsel, in an email on Friday."While a number of these claims proved to be false extortion attempts, we did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability," she said."Friend Finder takes the security of its customer information seriously and will provide further updates as our investigation continues," she added.
Either way, the database dump itself is 570 megabytes, and assuming the data was exfiltrated in a few large transactions, it would have been very noticeable on a network level.We've created these shortcuts and apps to try to help customers like you (and ourselves!) navigate the messy phone menus, hold times, and confusion with customer service, especially with larger companies.You came here to see Friend Finder.com's phone number, the real-time current wait on hold and a way to skip right through the phone lines to get right to a Friend agent.There's good news and bad on that: the bad news is that they don't have a phone number, but the good is that we do know how to contact Friend anyways and help you with your issue.The source IP addresses collected can even provide pinpoint street locations for attacks.The attack methodology deployed in this instance was not released, but it would be fair to assume that it leveraged a kind of SQL Injection attack or similar, where the information is wormed out of the back-end database through a flaw in the webserver.However, much the same way metadata collection provides insight to the NSA, this type of information provides attackers with plenty of leverage that can be used against the public.Spear phishing becomes a lot easier when attackers not only have an email address, but also location, language, and race.We are able to provide secrets and the best tools by getting feedback from you and rest of our customer community, and by sourcing some of those secrets and tips from Friend customers like yourself. Get Human builds free tools and shares information amongst customers of companies like Friend For large companies that includes tools such as our Get Human Phone, which allows you to call a company but skip the part where you wait on the line listening to their call technology music.