Data reportedly breached in the latest hack includes email addresses, passwords, IP addresses and site membership status.
If Adult Friend Finder users have the same password for multiple sites and online services, criminals could use it to compromise other accounts.
Yes, it’s our job to be responsible, but on the same note they should encourage high standards and do more than the required basics to keep it safe.” Lee Munson, Security Researcher for “The Adult Friend Finder hack, like many that have gone before it, and many that will come after, highlights the poor approach to security taken by even the biggest sites on the web.
The use of SHA1 – whose effectiveness has been questioned since at least 2005 – is almost as disturbing as the fact that over 15 million deleted user account emails were still allegedly kept in the site’s database.
By storing passwords in clear text or insecure formats, companies render even complex passwords useless.
If true, the mastermind behind that idea should probably be feeling very uneasy about their future job prospects right now.
But for all intents and purposes, it looks as if security wasn’t even an afterthought.
Not only were passwords stored with trivial protection, but accounts that users had deleted appeared not to have been deleted at all.
Friend Finder Network Inc was hacked in October of 2016 for over 400 million accounts representing 20 years of customer data, which makes it by far the largest breach we have ever seen — MySpace gets 2nd place at 360 million.
This event also marks the second time Friend Finder has been breached. “Unfortunately, many businesses simply do not learn their lesson and by failing to implement proper cyber security controls repeatedly place the privacy of users at risk.