Hello, visitor!

Article about adult friend finder user list:
LeakedSource, a breach notification website, disclosed the incident fully on Sunday and said the compromised databases affect hundreds of millions of people. 412 million FriendFinder accounts exposed by hackers. Hacked accounts linked to AdultFriendFinder.com, Cams.com, iCams.com, Stripshow.com, and Penthouse.com.

>> ENTER THE SITE <<


Six databases from FriendFinder Networks Inc., the company behind some of the world’s largest adult-oriented social websites, have been circulating online since they were compromised in October. LeakedSource, a breach notification website, disclosed the incident fully on Sunday and said the six compromised databases exposed 412,214,295 accounts, with the bulk of them coming from AdultFriendFinder.com. It’s believed the incident happened prior to October 20, 2016, as timestamps on some records indicate a last login of October 17. This timeline is also somewhat confirmed by how the FriendFinder Networks episode played out. On October 18, 2016, a researcher who goes by the handle 1×0123 on Twitter, warned Adult FriendFinder about Local File Inclusion (LFI) vulnerabilities on their website, and posted screenshots as proof. When asked directly about the issue, 1×0123, who is also known in some circles by the name Revolver, said the LFI was discovered in a module on AdultFriendFinder’s production servers. Not long after he disclosed the LFI, Revolver stated on Twitter the issue was resolved, and “…no customer information ever left their site.” His account on Twitter has since been suspended, but at the time he made those comments, Diana Lynn Ballou, FriendFinder Networks’ VP and Senior Counsel of Corporate Compliance & Litigation, directed Salted Hash to them in response to follow-up questions about the incident. On October 20, 2016, Salted Hash was the first to report FriendFinder Networks had likely been compromised despite Revolver’s claims, exposing more than 100 million accounts. In addition to the leaked databases, the existence of source code from FriendFinder Networks’ production environment, as well as leaked public / private key-pairs, further added to the mounting evidence the organization had suffered a severe data breach. FriendFinder Networks never offered any additional statements on the matter, even after the additional records and source code became public knowledge. As mentioned, earlier estimates placed the FriendFinder Networks data breach at more than 100 million accounts. These early estimates were based on the size of the databases being processed by LeakedSource, as well as offers being made by others online claiming to possess 20 million to 70 million FriendFinder records – most of them coming from AdultFriendFinder.com. The point is, these records exist in multiple places online. They’re being sold or shared with anyone who might have an interest in them. On Sunday, LeakedSource reported the final count was 412 million users exposed, making the FriendFinder Networks leak the largest one yet in 2016, surpassing the 360 million records from MySpace in May. This data breach also marks the second time FriendFinder users have had their account information compromised, the first time being in May of 2015, which impacted 3.5 million people. The figures disclosed by LeakedSource on Sunday include: 339,774,493 compromised records from AdultFriendFinder.com 62,668,630 compromised records from Cams.com 7,176,877 compromised records form Penthouse.com 1,135,731 compromised records from iCams.com 1,423,192 compromised records from Stripshow.com 35,372 compromised records from an unknown domain. All of the databases contain usernames, email addresses and passwords, which were stored as plain text, or hashed using SHA1 with pepper. It isn’t clear why such variations exist. “Neither method is considered secure by any stretch of the imagination and furthermore, the hashed passwords seem to have been changed to all lowercase before storage which made them far easier to attack but means the credentials will be slightly less useful for malicious hackers to abuse in the real world,” LeakedSource said, discussing the password storage options. In all, 99-percent of the passwords in the FriendFinder Networks databases have been cracked. Thanks to easy scripting, the lowercase passwords aren’t going to hinder most attackers who are looking to take advantage of recycled credentials. In addition, some of the records in the leaked databases have an “rm_” before the username, which could indicate a removal marker, but unless FriendFinder confirms this, there’s no way to be certain. Another curiosity in the data centers on accounts with an email address of email@address.com@deleted1.com . Again, this could mean the account was marked for deletion, but if so, why was the record fully intact? The same could be asked for the accounts with “rm_” as part of the username.













adult friend finder user list