Leaked database of Adult Friend Finder still online

Adult Friend Finder was breached more than two months ago, according to a dark Web forum

Adult Friend Finder may have been breached as long as two months ago, and the sensitive files are still online.

Adult Friend Finder may have been breached as long as two months ago, and the sensitive files are still online.

Adult Friend Finder, one of the largest online dating sites, may have been breached more than two months ago, and the sensitive files -- include names, ages, email addresses, zip codes and more -- are apparently still online.

British broadcaster Channel 4 reported Thursday that the website had been breached, although information regarding the breach had been trickling out in a low-key way for some time.

FriendFinder Networks, a California-based company that owns Adult Friend Finder and other dating websites, said in an advisory that it has contacted law enforcement and is investigating.

The company claimed it had "just been made aware of a potential data security issue and understands and fully appreciates the seriousness of the issue."

"Until the investigation is completed, it will be difficult to determine with certainty the full scope of the incident, but we will continue to work vigilantly to address this potential issue and will provide updates," the company said.

Adult Friend Finder, which was founded in 1996, has more than 40 million members, according to its website. FriendFinder Networks says it has more than 600 million registered users across some 40,000 websites in its network.

The breach could be especially sensitive since Adult Friend Finder specializes in more risque types of meetings. The sales pitch on its landing page reads: "Looking for sex? Hoping to meet someone special for a hot, sexual relationship or even just a quick fling?"

The leaked records, contained in 15 Excel spreadsheets, are still online in an underground forum. The forum is a so-called "hidden" website hosted on the Tor network, which helps masks the site's true IP address. The site can only be reached using the Tor Web browser.

The files contain hundreds of thousands of email addresses purportedly of Adult Friend Finders users. Some of the Excel files also contained detailed information about members, including their age, sex, state, zip code, username and IP address.

Some of the Excel files have a column for "paymenttype" although the fields are mostly blank. Efforts to reach FriendFinder Networks to verify the files were not successful.

Bev Robb, who does malware and dark Web research, came across the Adult Friend Finder files in March. She said she held off on publicizing the information for a few weeks before contacting two security experts.

"I really didn't know what to do with the data," she said. "I assumed it was some type of extortion."

She eventually wrote a blog post on April 13, which didn't name Adult Friend Finder but identified the online nickname of the person who leaked the files, whose goes by ROR[RG].

Before posting links to the files, ROR[RG] wrote a message directed at Adult Friend Finder saying "this is for owing my guy $247,938.28." He wrote in another post: "I am in Thailand. It is a pervo website. They owe my guy money."

The administrator of the underground forum wrote on Friday that it "only took 74 days to confirm the breach," linking to a story on the BBC.

FriendFinder Networks wrote that it had hired FireEye's forensics unit, Mandiant, to investigate along with Holland and Knight, a law firm, and a public relations company specializing in cybersecurity.

"We cannot speculate further about this issue, but rest assured, we pledge to take the appropriate steps needed to protect our customers if they are affected," it said. The company could not be reached for further comment.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags securitydata breachFriendFinder Networks

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Father’s Day Gift Guide

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?