Suffice to say, federal employees are in the category of pervs who need to make sure they aren't reusing any of those bad passwords on other accounts.As we discovered by files exposed in the Ashley Madison breach, Friend Finder wasn't removing profiles that users believed to have been closed or removed.Like all sectors -- government, retail, finance and healthcare -- the adult and porn businesses are feeling the consequences of not making security a priority, in the worst possible ways. Take for example this week's breach-bloodbath, in which Friend Finder Networks (FFN) lost their Sourcefire code to criminal hackers and put their users in serious risk.Combined with Ashley Madison's many deceits, FFN also contributed to the deepening public mistrust about the very sensitive data exchange between adult companies and their consumers.Revolver is known for finding adult website security issues, and they confirmed to that the flaw was being actively exploited.Right away, Leaked Source began to receive files from Friend Finder's databases -- some 100 million records.It did not acknowledge the number of records exposed.Although FFN advised users who might be reading its press release to change their passwords, it still hasn't notified its customers directly, and there are no notifications on any of its compromised websites.
In October, a researcher who went by the names "1x0123" and "Revolver" posted screenshots on Twitter showing what's known as a Local File Inclusion vulnerability on Adult Friend Finder.
We found out this week that "sex and swinger" social network Adult Friend Finder was breached, along with all of its other sites. (FFN) operates Adult Friend Finder.com, webcam sex-work site cams.com, and a few others; a total of six databases were reported in the haul.
The hack and dump performed on FFN has exposed 412,214,295 accounts, according to breach notification site Leaked Source, which disclosed the extent of the privacy disaster on Sunday.
They wrote about the files saying, "there is a ton of personally identifiable information (PII) sitting in a forum on the Darknet that has been viewed 1,756 times."Driving home the harm to consumers, the post explained, "It is unknown how many times the breached data files have been downloaded.
Though the files were stripped of credit card data, it is still relatively easy to connect the dots and identify thousands upon thousands of users who subscribe to this adult site."Security is one area in which adult and porn sites are far behind, and no matter how you feel about sex work and adult entertainment, they are arenas in which strong security should be a priority for all involved.