AdultFriendFinder Network Hack Of 412 Million Accounts Eclipses Ashley Madison Breach
The bulk of compromised accounts came from AdultFriendFinder, the "world's largest sex and swinger community," which coughed up more than 339 million accounts. Hackers used a local file inclusion exploit to break in and steal customer data. Among the account information collected were over 15 million deleted emails. The significance of that is anyone who may have signed up out of curiosity a decade or more ago is still a victim of the breach.
In addition those accounts, hackers stole details belonging to over 62 million Cams.com accounts and more than 7 million Penthouse.com accounts, along with around 2.5 million accounts from other domains belonging to Friend Finder Network.
"Usually people ask us how many .gov and .mil emails exist on sites like this which is easy enough to check. There are 5,650 .gov registered emails on all websites combined and 78,301 .mil emails," said LeakedSource, which obtained the compromised data.
Many of the accounts appear to have been created with easily guessable passwords, such as 123456, password, and qwerty. The bulk of those were probably created as throwaway accounts, though that's not the case for all of them. Due to the size of the breach, which exceeds that of Ashley Madison last year, LeakedSource said it is taking the unusual step of not making the data searchable at this time.