Editor’s Note: In the tech indsutry, where everyone is constantly preparing for the inevitable, Jeremy Ho, Aaron Murray, Christopher Barron, Spencer Thomas and Vincent Le describe one of the most prominent web application targeted attacks in this blog post — Local File Inclusion (LFI), which also led to one of the biggest hacks in 2016 that revealed millions of customers’ sensitive information.
As our understanding of the cyber world evolves, love becomes harder and harder to find.
even details of users who believed they deleted their accounts have been stolen again.
“It’s clear that the organisation has failed to learn from its past mistakes and the result is 412 million victims that will be prime targets for blackmail, phishing attacks and other cyber fraud,” he added.
Out of the 412 million accounts compromised, 78 thousand accounts used military e-mails and 5.6 thousand US Government email addresses were also discovered.
The information that was stolen in the security breach is primarily user accounts.
Peter Martin, managing director at cyber security specialist Reliance ACSN, added: “This breach on Adult Friend Finder is the second in as many years, which raises serious alarm bells.
It’s clear the company has majorly flawed security postures, and given the sensitivity of the data the company holds this cannot be tolerated.” Download this white paper to learn the 8 ways by which legacy ERP systems hold back your business and how “version-less” cloud ERP can help eliminate costly upgrades, reduce IT infrastructure management, and drive value with rapid implementation.
One security analyst had previously warned the company of a local file inclusion flaw, and following that warning the hackers were able to run malicious software. A collision occurs when two different message inputs, or passwords, generate the same hash.
That security analyst, known as Revolver, denied any participation in the hack. Hackers can use this collision exploit to their advantage.