Networks, the parent company of those sites, has reportedly been hacked, resulting in the leak of of over 412 million accounts, according to Leaked Source (h/t to CSO).For context of just how big this breach is, the Ashley Madison hack affected 32 million people.The source IP addresses collected can even provide pinpoint street locations for attacks.The attack methodology deployed in this instance was not released, but it would be fair to assume that it leveraged a kind of SQL Injection attack or similar, where the information is wormed out of the back-end database through a flaw in the webserver.Hackers reportedly breached Friend Finder Networks last month, and gained access to over 300 million accounts on Adult Friend Finder, which markets itself as the “World’s largest sex & swinger community.” The hack also exposed over 62 million accounts on Cams.com, a site for live webcam “sex chat,” over 7 million on Penthouse.com, over 1.4 million on Stripshow.com, over 1.1 million on i and a little over 35,000 on an “unknown domain.” Friend Finder’s network was reportedly hacked through a local file inclusion exploit, which enabled the hackers to access all of the network’s sites.For now, Leaked Source says it will not make the data set searchable by the general public. For one, the company either stored user passwords in plaintext, without any protection, or hashed them using the notoriously weak SHA1 algorithm, according to Leaked Source.The suggestion of a security flaw first came from self-styled "underground researcher" 1x0123 on Tuesday night, who posted on Twitter a screen grab that suggested Adult Friend Finder has a Local File Inclusion (LFI) vulnerability.Researcher 1x0123 wrote: "F**kload of databases with same user/password runing as root".
This data included their sexual preference – something not leaked in this current hack.Adult Friend Finder, an online “dating service” and its affiliates were hacked in April.The leaked information included credit card numbers, usernames, passwords, birth dates, physical addresses and personal — you know — preferences.What's often not highlighted in these cases is the monetary value of such a breach.Many would argue that having an email address and the associated data might be of little value.Unlike financially motivated hacks, these highly personal data breaches can wreak havoc whose damage cannot be undone with an updated password.The amount of personal details leaked here (including, among other things, passwords, last login, and email address) can tear families apart, jeopardize jobs and even worse.The professional nature of many of the email addresses found in the Ashley Madison hack (.gov, .mil, etc.) should have served as a wakeup call for users engaging in this behavior, however with the professional emails contained in this breach seems to show that people are still using work accounts for questionable activity.We’ve seen this situation many times before and it likely means these were users who tried to delete their account but the data is obviously still kept around because you know, we’re looking at it.is calling a “privacy catastrophe,” over 400 million accounts and deleted accounts, were breached on one of the world’s largest adult dating websites as the result of a Local File Inclusion vulnerability. com was acquired by Penthouse in 2007, which subsequently changed its name to Friend Finder Network.Under the Friend Finder Network exists numerous adult websites of which Adult Friend Finder . Combined, these websites contain over 412 million past and present users, all affected by the latest hack. com, the Friend Finder Network includes numerous adult-oriented “hookup” websites which include