A dating site, describing itself as a “thriving sex community,” has been hacked and the personal details of almost 4 million users have been shared online.
Account details from Adult FriendFinder were leaked to an online forum and included information from members who had previously deleted their accounts. The invasion of privacy could prove hugely damaging for some users, with details relating to sexual orientation and whether they are having an extramarital affair being revealed.
Adult FriendFinder claims to have 63million users globally, with more than 7 million residing in the UK. It is not yet clear how hackers were able to gain access to the account details of 3.9 million members, but a Channel 4 investigation was able to track the leak to a hacker named ROR[RG].
Victims of the hack are already being targeted with spam emails, many of which contain viruses. Other personal information such as names, email addresses and dates of birth could also be used by cybercriminals to attempt identity theft or threaten uses of the site with blackmail.
"FriendFinder Networks Inc understands and fully appreciates the seriousness of the issue,” a spokesperson for the site told Channel 4. "We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics experts.
"We pledge to take the appropriate steps needed to protect our customers if they are affected."
Although the hack damages the site’s security credentials, the leaked information also suggests that it may have been misleading its users. Despite Adult FriendFinder predominantly using pictures of scantily clad females to advertise its site, leaked account details contained just one woman for every 16 men that used the site.
Rob Norris, Director of Enterprise & Cyber Security in UK & Ireland at Fujitsu, commented: "Another day, another data breach – this time FriendFinder is in the spotlight.
"Although this hack is looking to be resolved quickly, it once again highlights that it is no longer about prevention, but instead about accepting a data breach will occur and moving to a proactive approach which allows better preparation for dealing with today’s threats. The amount of data and confidential information that is transacted every day, coupled with the growth in reliance on digital services, means that any organisation is at risk – making most an easy target in the eyes of a cyber-criminal.
"According to research from Fujitsu, only 9 per cent of consumers believe British organisations are doing enough to protect their data with a third admitting that their trust has declined in the last 12 months.
"In today’s threat landscape, organisations can no longer afford to be complacent when it comes to training and should implement an effective security education programme to help combat today’s cyber hackers.”