Adult friend finder user list local sex sites
It could also be particularly worrisome because Leaked Source says the accounts date back 20 years, a time in the early commercial web when users were less worried about privacy issues.The latest Friend Finder Networks' breach would only be rivaled in sensitivity by the breach of Avid Life Media's Ashley Madison extramarital dating site, which exposed 36 million accounts, including customers names, hashed passwords and partial credit card numbers (see Ashley Madison Slammed by Regulators).A group that collects stolen data claims to have obtained 412 million accounts belonging to Friend Finder Networks, the California-based company that runs thousands of adult-themed sites in what it described as a "thriving sex community." See Also: Webinar | The Future of Adaptive Authentication in Financial Services Leaked Source.com, a service that obtains data leaks through shady underground circles, believes the data is legitimate.Friend Finder Networks, stung last year when its Adult Friend Finder website was breached, could not be immediately reached for reaction (see Dating Website Breach Spills Secrets).Still, those passwords were hashed using SHA-1, which is considered unsafe.Today's computers can rapidly guess hashes that may match the real passwords.Those types of vulnerabilities allow an attacker to supply input to a web application, which in the worst scenario can allow code to run on the web server, according to a OWASP, The Open Web Application Security Project.The person who found that flaw has gone by the nicknames 1x0123 and Revolver on Twitter, which has suspended the accounts.
It appears that Friend Finder Networks changed some of the plaintext passwords to all lower-case letters before hashing, which meant that Leaked Source was able to crack them faster.The sites breached would appear to include Adult Friend Finder.com, i Cams.com, Cams.com, and Stripshow.com, the last of which redirects to the definitely not-safe-for-work playwithme[.]com, run by Friend Finder subsidiary Steamray.Leaked Source provided samples of data to journalists where those sites were mentioned.But the company fixed a code injection flaw that could have enabled access to source code, Friend Finder Networks told the publication.It wasn't clear if the company was referring to the local file inclusion flaw.