Uh-oh - millions of hook-up customers have their details exposed

But AdultFriendFinder still isn't telling new customers it's been hacked

Millions of randy souls have had their personal details, including sexual preferences, leaked online after hook-up site AdultFriendFinder was hacked.

Up to 3.9 million of the site's 64 million users had personal information such as their email addresses and bedroom predilections revealed online, according to Channel 4 News, which broke the story last night.

The casual dating network has now called in police and security experts to help it understand just how far reaching the hack has been.

A hacker known only as ROR[RG] posted the names, emails, postcodes, dates of birth and computer IP addresses of victims of the hack in a forum.

Their sexual orientations and sexual preferences were also posted publicly by the hacker, found Channel 4 News, which said no credit card details have yet surfaced.

The site's owner, FriendFinder Networks, released a statement saying it "fully appreciates the seriousness of the issue", and would take appropriate steps to protect members.

But security expert Graham Cluley wrote in a blog post that, using a pseudonym and fake email address, he had been able to sign up to the site without receiving any warning the site was insecure.

He said: "Appropriate steps to protect your customers, AdultFriendFinder? How about posting a warning on your website so your members can look out for phishing emails, or malware which might be sent to them?

"What about some advice about the type of threats that users could be exposed to - including, potentially, blackmail - if their membership of the site is uncovered?"

It's the latest in a string of high profile data breaches, including health insurance firm CareFirst's loss of 1.1 million customers' details revealed yesterday by FireEye Mandiant, but which happened a year ago.

Meanwhile, TalkTalk confirmed in February that a fraction of its 4 million customerbase had their accounts compromised in a cyber attack.

The Information Commissioner's Office (ICO) this week indicated it would be reluctant to use new powers proposed by the EU to fine data breach organisations up to five per cent of their annual turnover.

A statement from FriendFinder Networks read: "FriendFinder Networks Inc. has only just been made aware of this potential issue and understands and fully appreciates the seriousness of the issue.

"We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert, Mandiant.

"Until the investigation is completed, it will be difficult to determine with certainty the full scope of the incident, but we will continue to work vigilantly to address this potential issue and will provide updates as we learn more from our investigation.

"We cannot speculate further about this issue, but rest assured, we pledge to take the appropriate steps needed to protect our customers if they are affected."

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Global ransom DDoS extortionists are retargeting companies
distributed denial of service (DDOS)

Global ransom DDoS extortionists are retargeting companies

22 Jan 2021
Pixlr data breach exposes over 1.9 million user records
data breaches

Pixlr data breach exposes over 1.9 million user records

22 Jan 2021
BEC scammers are using Google Forms to identify easy victims
phishing

BEC scammers are using Google Forms to identify easy victims

21 Jan 2021
FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021

Most Popular

How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
WhatsApp could face €50 million GDPR fine
General Data Protection Regulation (GDPR)

WhatsApp could face €50 million GDPR fine

25 Jan 2021
Trump pardons convicted ex-Google engineer Levandowski
intellectual property

Trump pardons convicted ex-Google engineer Levandowski

20 Jan 2021