Uh-oh - millions of hook-up customers have their details exposed

But AdultFriendFinder still isn't telling new customers it's been hacked

Millions of randy souls have had their personal details, including sexual preferences, leaked online after hook-up site AdultFriendFinder was hacked.

Up to 3.9 million of the site's 64 million users had personal information such as their email addresses and bedroom predilections revealed online, according to Channel 4 News, which broke the story last night.

The casual dating network has now called in police and security experts to help it understand just how far reaching the hack has been.

A hacker known only as ROR[RG] posted the names, emails, postcodes, dates of birth and computer IP addresses of victims of the hack in a forum.

Their sexual orientations and sexual preferences were also posted publicly by the hacker, found Channel 4 News, which said no credit card details have yet surfaced.

The site's owner, FriendFinder Networks, released a statement saying it "fully appreciates the seriousness of the issue", and would take appropriate steps to protect members.

But security expert Graham Cluley wrote in a blog post that, using a pseudonym and fake email address, he had been able to sign up to the site without receiving any warning the site was insecure.

He said: "Appropriate steps to protect your customers, AdultFriendFinder? How about posting a warning on your website so your members can look out for phishing emails, or malware which might be sent to them?

"What about some advice about the type of threats that users could be exposed to - including, potentially, blackmail - if their membership of the site is uncovered?"

It's the latest in a string of high profile data breaches, including health insurance firm CareFirst's loss of 1.1 million customers' details revealed yesterday by FireEye Mandiant, but which happened a year ago.

Meanwhile, TalkTalk confirmed in February that a fraction of its 4 million customerbase had their accounts compromised in a cyber attack.

The Information Commissioner's Office (ICO) this week indicated it would be reluctant to use new powers proposed by the EU to fine data breach organisations up to five per cent of their annual turnover.

A statement from FriendFinder Networks read: "FriendFinder Networks Inc. has only just been made aware of this potential issue and understands and fully appreciates the seriousness of the issue.

"We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert, Mandiant.

"Until the investigation is completed, it will be difficult to determine with certainty the full scope of the incident, but we will continue to work vigilantly to address this potential issue and will provide updates as we learn more from our investigation.

"We cannot speculate further about this issue, but rest assured, we pledge to take the appropriate steps needed to protect our customers if they are affected."

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

Hackers using COVID vaccine as a lure to spread malware
hacking

Hackers using COVID vaccine as a lure to spread malware

15 Jan 2021
Cyber criminals bypassing MFA to access cloud service accounts
two-factor authentication (2FA)

Cyber criminals bypassing MFA to access cloud service accounts

14 Jan 2021
Capcom data breach adds another 40,000 estimated victims
data breaches

Capcom data breach adds another 40,000 estimated victims

13 Jan 2021
Parler suffers data leak before being taken offline
social media

Parler suffers data leak before being taken offline

12 Jan 2021

Most Popular

What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021
150,000 arrest records accidentally deleted from police database
data management

150,000 arrest records accidentally deleted from police database

15 Jan 2021
Can Pat Gelsinger get Intel back on track?
chief executive officer (CEO)

Can Pat Gelsinger get Intel back on track?

13 Jan 2021