Adult friend finder hacked accounts
A security researcher known as Revolver claimed to find a flaw in Friend Finder Networks’ security in October, posting the information to a now-suspended Twitter account and threatening to 'leak everything' should the company call the flaw report a hoax." "This is criminal negligence, as it's not the first time," says Stu Sjouerman, CEO of security awareness training company Know Be4, in a statement.
"Adult Friend Finder has failed to learn from their mistakes and now 412 million people are high-value targets for blackmail, phishing attacks, and other cybercrime.
Local File Inclusion(LFI) was the type of attack that breached A. This attack is where the hacker is attempting to gain access to the server by including a malicious file in a vulnerability found when a multimedia file upload is incorrectly configured by the server. and their sister sites, 99 percent of the server database containing usernames, passwords, and emails were cracked as Friend Finder Network(FFN) stored sensitive information in plain text and used an outdated security algorithm known as Secure Hash Algorithm with pepper (SHA-1) .
The parent company of Adult Friend Finder is Friend Finder Networks.This is ten times worse than the Ashley Madison hack. 15 offers an in-depth look at myths surrounding data defense and how to put business on a more effective security path.Wait for a raft of class-action lawsuits." Last July, another pornography and adult hook-up site, Ashley Madison, suffered a doxing attack that exposed 37 million users accounts. Sjouerman says that when Know Be4 sent its customers fake phishing emails with lures related to the Ashley Madison breach, 4% of users clicked. Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events.The information that was stolen in the security breach is primarily user accounts.Out of the 412 million accounts compromised, 78 thousand accounts used military e-mails and 5.6 thousand US Government email addresses were also discovered.We examine some examples of how enterprises can cull this data to find the clues they need.Editor’s Note: In the tech indsutry, where everyone is constantly preparing for the inevitable, Jeremy Ho, Aaron Murray, Christopher Barron, Spencer Thomas and Vincent Le describe one of the most prominent web application targeted attacks in this blog post — Local File Inclusion (LFI), which also led to one of the biggest hacks in 2016 that revealed millions of customers’ sensitive information.Included in the leak were 96 million Hotmail accounts, 78,301 US military email accounts, and 5,650 US government accounts.From The Guardian: "It is also unclear who perpetrated the hack.Neither method is considered secure by any stretch of the imagination.'" Among the leaked accounts are some FFN should not necessarily have had to lose in the first place.In addition to the 16 million "deleted" accounts is the user database, which FFN had access to, despite having sold in February.