Skip Navigation
412 million Friend Finder accounts exposed by code hackers

412 million Friend Finder accounts exposed by code hackers

Hacked reports connected to,,,, and

Six databases from FriendFinder Networks Inc., the business behind a few of the world’s biggest adult-oriented websites that are social were circulating online given that they had been compromised in October.

LeakedSource, a breach notification internet site, disclosed the event completely on Sunday and stated the six compromised databases exposed 412,214,295 reports, using the almost all them originating from

It’s thought the incident happened ahead of October 20, 2016, as timestamps on some documents suggest a login that is last of 17. This schedule can also be significantly confirmed by how a FriendFinder Networks episode played down.

On October 18, 2016, a researcher whom passes the handle 1×0123 on Twitter, warned Adult FriendFinder about Local File Inclusion (LFI) vulnerabilities on their site, and posted screenshots as evidence.

When expected straight concerning the presssing issue, 1×0123, that is additionally understood in certain sectors because of the name Revolver, stated the LFI had been found in a module on AdultFriendFinder’s production servers.

Maybe maybe Not very long after he disclosed the LFI, Revolver reported on Twitter the presssing issue ended up being remedied, and “. no consumer information ever left their web web site.”

Their account on Twitter has since been suspended, but at that time he made those commentary, Diana Lynn Ballou, FriendFinder Networks’ VP and Senior Counsel of business Compliance & Litigation, directed Salted Hash for them as a result to follow-up questions regarding the event.

On 20, 2016, Salted Hash was the first to report FriendFinder Networks had likely been compromised despite Revolver’s claims, exposing more than 100 million accounts october.

The existence of source code from FriendFinder Networks’ production environment, as well as leaked public / private key-pairs, further added to the mounting evidence the organization had suffered a severe data breach in addition to the leaked databases.

FriendFinder Networks never offered any extra statements regarding the matter, even with the extra documents and supply rule became knowledge that is public.

As stated, previous estimates put the FriendFinder Networks information breach at a lot more than 100 million records.

These estimates that are early on the basis of the measurements associated with databases being prepared by LeakedSource, along with offers being produced by others online claiming to own 20 million to 70 million FriendFinder documents – many of them originating from

The main point is, these documents occur in numerous places online. They are being shared or sold with anybody who may have a pastime inside them.

On Sunday, LeakedSource reported the count that is final 412 million users exposed, making the FriendFinder Networks leak the greatest one yet in 2016, surpassing the 360 million documents from MySpace in might.

This information breach additionally marks the 2nd time FriendFinder users have experienced their username and passwords compromised; the very first time being in might of 2015, which impacted 3.5 million individuals.

The numbers disclosed by LeakedSource on Sunday include:

    339,774,493 records that are compromised

62,668,630 records that are compromised

7,176,877 records that are compromised

1,135,731 compromised records from

1,423,192 records that are compromised

  • 35,372 compromised documents from a domain that is unknown
  • All the databases have usernames, e-mail details and passwords, that have been saved as simple text, or hashed utilizing SHA1 with pepper. It really isn’t clear why variations that are such.

    “Neither technique is regarded as safe by any stretch associated with imagination and in addition, the hashed passwords appear to have been changed to any or all lowercase before storage which made them in an easier way to strike but means the qualifications is going to be somewhat less helpful for harmful hackers to abuse within the world that is real” LeakedSource said, talking about the password storage space choices.

    In most, 99-percent associated with the passwords when you look at the FriendFinder Networks databases have now been cracked. As a result of scripting that is easy the lowercase passwords aren’t planning to hinder many attackers who will be trying to benefit from recycled qualifications.

    In addition, a number of the documents within the leaked databases have actually an “rm_” before the username, that could suggest an elimination marker, but unless FriendFinder verifies this, there’s no chance to ensure.

    Another fascination into the information centers on reports with a message target of

    Once more, this might suggest the account had been marked for removal, however if so, why ended up being the record completely intact? Exactly the same might be expected for the accounts with “rm_” included in the username.

    More over, moreover it is not clear why the business has documents for, a house FriendFinder Networks offered previously this to Penthouse Global Media Inc year.

    Salted Hash reached away to FriendFinder Networks and Penthouse worldwide Media Inc. on Saturday, for statements and also to ask questions that are additional. By the time this short article ended up being written nonetheless, neither business had answered. (See update below.)

    Salted Hash additionally reached down to a few of the users with current login documents.

    These users had been section of an example set of 12,000 documents provided to the news. Not one of them reacted before this informative article went along to printing. During the time that is same tries to start reports using the leaked current email address failed, once the target had been when you look at the system.

    As things stay, it appears just as if FriendFinder Networks Inc. happens to be completely compromised. Vast sums of users from all over the world have experienced their reports exposed, making them open to Phishing, and sometimes even even even worse, extortion.

    This will be specially harmful to the 78,301 individuals who utilized a .mil email, or the 5,650 individuals who utilized a .gov current email address, to join up their FriendFinder Networks account.

    In the upside, LeakedSource just disclosed the complete range regarding the information breach. For the present time, usage of the information is bound, also it shall never be designed for general general public queries.

    For anybody wondering if their or account happens to be compromised, LeakedSource claims it is better to simply assume this has.

    “If anybody registered a free account prior to November of 2016 on any Friend Finder web site, they ought to assume these are typically affected and get ready for the worst,” LeakedSource said in a declaration to Salted Hash.

    On the site, FriendFinder Networks claims they do have more than 700,000,000 total users, distribute across 49,000 internet sites within their network – gaining 180,000 registrants daily.


    FriendFinder has granted a notably public advisory about the info breach, but none of this affected web sites have already been updated to reflect the notice. As a result, users registering on wouldn’t have an idea that the business has experienced a huge protection event, unless they’ve been technology news that is following.

    In line with the declaration posted on PRNewswire, FriendFinder Networks will begin notifying affected users about the info breach. But, it really isn’t clear when they will alert some or all 412 million reports which have been compromised. The organization continues to haven’t taken care of immediately concerns delivered by Salted Hash.

    “Based regarding the investigation that is ongoing FFN will not be in a position to figure out the precise amount of compromised information. Nonetheless, because FFN values customers and takes to its relationship really the security of consumer information, FFN is within the means of notifying impacted users to give you these with information and help with the way they can protect on their own,” the declaration stated to some extent.

    In addition, FriendFinder Networks has employed some other firm to help its research, but this company wasn’t called straight. for the present time, FriendFinder Networks is urging all users to reset their passwords.

    The press release was authored by Edelman, a firm known for Crisis PR in an interesting development. Just before Monday, all press demands at FriendFinder Networks had been managed by Diana Lynn Ballou, which means this seems to be a change that is recent.

    Steve Ragan is senior staff journalist at CSO. just before joining the journalism globe in 2005, Steve invested 15 years as being a freelance IT specialist centered on infrastructure administration and safety.