In other words, they’ll demand money in exchange for not telling the world just how kinky your fetishes are.
One interesting piece of information that has come out of this exposure is that the site doesn’t have quite as many female users as the promotional material might lead you to believe.
But an email trail on that a warning about the leak was sent by a cyber security consultant on 12 March.
Around two hours later an employee at Friend Finder Networks then replied with a “read receipt” to say that the warning email had been read.
Considering the personal nature of the leaked information and its source, the hack could also open victims to blackmail schemes.
In a statement, California-based Friend Finder Networks Inc., which owns Adult Friend Finder and about 20 other dating sites, said it had "just been made aware of a potential data security issue" and that it had begun working with law enforcement and cybersecurity forensics firm Mandiant, part of Fire Eye."Until the investigation is completed, it will be difficult to determine with certainty the full scope of the incident, but we will continue to work vigilantly to address this potential issue and will provide updates as we learn more from our investigation," the statement said.
The online dating company would not comment on the read receipt, but said its “leadership” only became aware of the breach on 20 May when contacted by Channel 4 News.
“We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert,” the company said in a statement.“I have had so many people ask me to buy the db [database] today,” the hacker wrote on the same forum where the original leak appeared, asking for payment in the anonymised currency Bitcoin.“Or if you need I will break into any company or site for 750 in under seven days,” the writer adds.However, much the same way metadata collection provides insight to the NSA, this type of information provides attackers with plenty of leverage that can be used against the public.Spear phishing becomes a lot easier when attackers not only have an email address, but also location, language, and race.Adult Friend Finder, an online “dating service” and its affiliates were hacked in April.The leaked information included credit card numbers, usernames, passwords, birth dates, physical addresses and personal — you know — preferences.The data gave not only usernames, postal codes and dates of birth, but also an indication of which users were seeking an extra-marital affair.In its response to our story, the company stated that it had “only just been made aware” of the hack.What's often not highlighted in these cases is the monetary value of such a breach.Many would argue that having an email address and the associated data might be of little value.