This time, email addresses, passwords, dates of last visits, browser information, IP addresses, and site membership status were revealed, reports The Guardian, citing data breach monitoring service Leaked Source.
Many would argue that having an email address and the associated data might be of little value.When signing up for an account, customers must enter their gender, which gender they're interested in hooking up with and what kind of sexual situations they desire.Suggestions Adult Friendfinder provides for the "tell others about yourself" field include, "I like my partners to tell me what to do in the bedroom," "I tend to be kinky" and "I'm willing to try some light bondage or blindfolds." The hack, which took place in March, was first uncovered by independent IT security consultant Bev Robb on her blog Teksecurity a month ago. It wasn't until this week, when England's Channel 4 News reported on the hack, that Adult Friend Finder was named as the victim.Wait for a raft of class-action lawsuits." Last July, another pornography and adult hook-up site, Ashley Madison, suffered a doxing attack that exposed 37 million users accounts. Sjouerman says that when Know Be4 sent its customers fake phishing emails with lures related to the Ashley Madison breach, 4% of users clicked. Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events.For more information from the original source of the news item, please follow the link provided in this article.However, much the same way metadata collection provides insight to the NSA, this type of information provides attackers with plenty of leverage that can be used against the public.Spear phishing becomes a lot easier when attackers not only have an email address, but also location, language, and race.That data is incredibly revealing and potentially damaging.Andrew Auernheimer, a controversial computer hacker who looked through the files, used Twitter to publicly identify Adult Friend Finder customers, including a Washington police academy commander, an FAA employee, a California state tax worker and a naval intelligence officer who supposedly tried to cheat on his wife.From The Guardian: "It is also unclear who perpetrated the hack.A security researcher known as Revolver claimed to find a flaw in Friend Finder Networks’ security in October, posting the information to a now-suspended Twitter account and threatening to 'leak everything' should the company call the flaw report a hoax." "This is criminal negligence, as it's not the first time," says Stu Sjouerman, CEO of security awareness training company Know Be4, in a statement.