A data breach confirmed by the website Adult Friend Finder takes the damage caused by hacking to a new level. In addition to the typical Personally Identifiable Information (PII) hackers stole, they also swiped the sexual preferences of users, and information such as an interest in extramarital affairs.
The sensitive data of 3.9 million users have already been published on a secretive online forum, according to the British site Channel 4 News which first reported the breach.
Members of the forum vowed to spam the victims with email containing malware. Hacking victims confirm that’s already taking place.
But more troubling is the potential for blackmail. A security expert told Channel 4 News that criminals will comb through the published information for potential victims. Adult Friend Finder calls itself “The Hottest Dating, Hookup, and Sex Community” on its home page. In order to sign up, users had to divulge sensitive information.
Another troubling detail of this breach: some of the victims had deleted their profiles.
In an online statement published May 22, 2015, FriendFinder Networks Inc., parent company of Adult Friend Finder wrote:
The security of our members’ information remains our top priority and, upon learning of this incident, we took immediate action including:
- Launching an internal investigation to review and expand existing security protocols and processes
- Taking steps to protect our members such as temporarily disabling the username search function and masking usernames of any users we believe were affected by the security issue.
- This means that our members will still be able to log-in using their username and password but the search function will be disabled in an effort to protect members privacy. We are also in the process of communicating directly to members on how to update their usernames and passwords
- Working closely with Mandiant, a leading third-party forensics expert, to investigate the incident, review network security and remediate our system
- Notifying law enforcement, including the FBI, and coordinating with their investigation into this attack
The California-based website reports that it has 63 million registered users worldwide.