High-profile hackings of 2015: Adult Friend Finder

In Information Security ByTeam Acumin / 21st October 2015

Adult Friend Finder is an social networking site that offers users the chance to connect with likeminded individuals, particularly those in the swinging community.

What happened?

In May 2015, the site was hacked and the data that was accessed was made available for public consumption.

How many records were accessed?

Around four million records, which included sensitive information about members’ sexual preferences, relationship statuses and information which could be used to identify members, such as email addresses, IP addresses, geographical locations, usernames and dates of birth were accessed by the hackers.

Why did it happen?

A vindictive hacker was discovered to have rooted the company’s database because he was extremely annoyed with Adult Friend Finder, which he claimed owed him approximately $248,000. He posted this claim on the darknet, along with a ransom demand of $100,000 on top of the $248,000 he was owed. To show he meant business, he posted 15 spreadsheets of pilfered data, and threatened to leak more and more data if he was not paid in full.

What has happened since?

Soon after the data breach of Adult Friend Finder, the hacked databases were made available online. This meant that anybody could access the records and see the personal information of people who are, or have been, members of the site.

The site’s management were also criticized for not warning their members of the hack quickly enough. In fact, people could still sign up for memberships on the site after the breach had been discovered, and there was not one single warning to the effect that the site might not be secure.

The hack also prompted a number of warnings from experts on the perils of providing too much personal information online, without knowing how secure any one system is, as the potential for data breaches grows stronger each day.