Monday, November 14, 2016

AdultFriendFinder suffers year’s largest data breach

It turns out that Yahoo’s data breach wasn’t the largest of 2016—and the latest hack might be more devastating to those involved.

Friend Finder Networks recently reported an enormous hack—roughly 412 million user records across its myriad networks, which include Adultfriendfinder.com, Cams.com, Penthouse.com, Stripshow.com and iCams.com.

Much of the site’s data was reportedly stored as plain text, which means that users’ email addresses, passwords and other details were there for hackers’ taking. Even people who thought they had cut ties with the site were vulnerable, because AdultFriendFinder stored inactive users’ data.

After a similar (but smaller) hack last year, Ashley Madison’s chief executive stepped down.

In total, the hack spans two decades of user data.

RELATED: Keep your cool in a crisis with these 13 tips.

The company didn’t learn its lesson from a security breach it suffered last year, where 4 million accounts were exposed. According to Leakedsource.com, the companies “were hacked via a Local File Inclusion exploit,” which CSO Online reported in October.

Diana Ballou, an attorney for Friend Finder Networks, spoke with ZDNet and provided the company’s only statement on the crisis:

Over the past several weeks, FriendFinder has received a number of reports regarding potential security vulnerabilities from a variety of sources. Immediately upon learning this information, we took several steps to review the situation and bring in the right external partners to support our investigation.

While a number of these claims proved to be false extortion attempts, we did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability.

FriendFinder takes the security of its customer information seriously and will provide further updates as our investigation continues.

(Image via)



from PR Daily News Feed http://ift.tt/2g8EhHw

No comments:

Post a Comment