Adult Dating Site Hack Reveals Users' Sexual Preference, Extramarital Affairs

An anonymous reader notes this report from Channel 4 News that Adult FriendFinder, one of the largest dating sites in the world, has suffered a database breach that revealed personal information for 3.9 million of its users. The leaked data includes email addresses, IP addresses, birth dates, postal codes, sexual preferences, and information indicating which of them are seeking extramarital affairs. There even seems to be data from accounts that were supposedly deleted. Channel 4 saw evidence that there were plans for a spam campaign against these users, and others are worried that a blackmail campaign will follow. "Where you've got names, dates of birth, ZIP codes, then that provides an opportunity to actually target specific individuals whether they be in government or healthcare for example, so you can profile that person and send more targeted blackmail-type emails," said cybercrime specialist Charlie McMurdy.

Re:How could you protect against this?

[l0ungeb0y]

How about securing your freaking server by locking down all ports and running only necessary services with access restrictions to allowed IPs? How about NOT using MySQL which is shit poor as far as security? How about not allowing direct DB over a Port and use an API over HTTPS instead? These are but a few obvious things that can be done to prevent someone from getting access to your DB's Data Files or accessing the DB itself.