The biggest hack of 2016 has been revealed, and it’s huge. In fact, it’s almost as big as the 2014 half-billion Yahoo user hack we just learned about. This may surprise you given that this one involved AdultFriendFinder.
The data of nearly 340 million users has been stolen from the alternative dating site alone. Many more have been disclosed from other FriendFinder Networks sites. 62 million from Cams.com video chat site. Another 7 million from Penthouse.com. About 2.5 million more from other fields.
In total, over 412 million user records have been stolen. Besides the sheer volume of casualties and the sensitive nature of the ongoing activity at AdultFriendFinder, there is another disturbing detail about this hack. Most user data was stored as plain text.
This means that email addresses, passwords, and other details are completely exposed. Even customers who thought they were cutting ties with AdultFriendFinder were surprised with their pants down. The deleted accounts were still among the active accounts, they had simply been flagged.
Wrong password choice
You might think that users would be a little more careful when choosing passwords for a site like AdultFriendFinder. It couldn’t be further from the truth. Almost a million users went with 123456. 600,000 stopped at 12345. Another million added 7,8,9 and 0. Other popular – and extremely reckless – choices included password, qwerty and iloveyou.
These are the kind of passwords the kids in the movie The Pirates knew they were overused in 1995 … and it certainly wouldn’t take 100 guesses to resolve them.
Almost ten years ago, Penthouse took control of AdultFriendFinder by buying parent company Divers, Inc. for $ 500 million. The former Playboy competitor later changed his name to FriendFinder Networks. In 2013, the company filed for bankruptcy and its shares were delisted from the NASDAQ.
Making a profit on niche adult services online was no longer so easy. With other sites offering users a similar “friend finder” experience for free, the handwriting was on the wall.
Besides their business difficulties, they have also had their share of security issues in the past. FriendFinder Networks was also hacked last year. This incident is nothing compared to last week: “only” 3.5 million users were affected by the 2015 breach.