Slashdot Mirror
Adult Dating Site Hack Reveals Users' Sexual Preference, Extramarital Affairs
An anonymous reader notes this report from Channel 4 News that Adult FriendFinder, one of the largest dating sites in the world, has suffered a database breach that revealed personal information for 3.9 million of its users. The leaked data includes email addresses, IP addresses, birth dates, postal codes, sexual preferences, and information indicating which of them are seeking extramarital affairs. There even seems to be data from accounts that were supposedly deleted. Channel 4 saw evidence that there were plans for a spam campaign against these users, and others are worried that a blackmail campaign will follow. "Where you've got names, dates of birth, ZIP codes, then that provides an opportunity to actually target specific individuals whether they be in government or healthcare for example, so you can profile that person and send more targeted blackmail-type emails," said cybercrime specialist Charlie McMurdy.
sorry, gotta go.
Our government is out of control anyway, anything that allows blackmail, removal from office, misery in their lives. etc is a good thing
Given that their list of choices for sexual preferences doesn't include tentacle-on-pregnant furry futanari, I think I'm pretty safe.
If you're gonna cheat, why do it on the Internet? People who continue to trust the anonymity of the web boggle my mind.
You could encrypt all the data in the database, but that would only protect you from somebody able to access the database but not any of the decryption code (somewhat unlikely).
Assuming full access to the database and code, is there any way to protect against being able to link identification with the rest of the personal information.
I can only come up with the obvious client-side encryption, but will the network as a whole still be able to use the data as it's supposed to (in this case; find adult friends)?
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
After the last big hack I had to give up my old IP address, 192.168.0.1, which I had used for years. What a pain!
Hopefully some of the users that will be approached will not be good candidates for blackmailing; because they already got out of the relationship they were trying to cheat on or have already come out of the closet with whatever sexual kink they have.
Hopefully those users will contact police when they receive blackmail attempts and will aid in netting whoever is behind this
Oh no, now everyone will know I'm a white male age 18 to 49!
Most linux users don't know this, but the man pages were named after Chuck Norris. Chuck Norris fsck'ing hates noobs!
I've had a look at the data, there are very many easily identifiable people, for some of those there is date-of-birth data, ZIP code, "preferences", details of any money spent etc. There are a few people using their .gov email addresses for this, some of those can be verified by the IP address, some other email addresses belonging to other corporations. I would suspect that those are the people who are most at risk of blackmail. Remember too that an email addresses can be used to look people up on Facebook, which would make it easier for blackmailers to find potential victims.
Not revealed in the breach (so far) are credit card data, real names (although many are obvious from the email addresses) or passwords. Although I notice that some people were smart enough to sign up with a throwaway email address, if they have actually paid for anything then they would have had to supply real contact details somewhere.
The background story appears to be that a pissed-off affiliate who claims they were owed hundreds of thousands of dollars had a contact hack the database. It seems the hackers are demanding money else they will release the rest of the data.
Never email donotemail@WeAreSpammers.com
Suddenly many ministers are all going to 3 week long camps to be cured.
the point myOre
How did they ever filter out all the fake accounts? Hot horny locals, my ass.
I think if you are having an extramarital affair then you deserve to be found out and/or blackmailed.
It should be common knowledge that this sort of thing can happen on the internet. You continue at your own risk.
How about some neat diagrams visualizing these data? Like relations between age, gender, residence, preferences, etc...
GayWAD was right, if yo've used Slashdot beta to find a sex partner, you now have no problems.
You can't send SPAM to an email that doesn't exist. Close the email account associated with the compromised account. Problem solved.
Dating site of F^@( Buddy site.
FTFY
Really? I had to give up my 127.0.0.1.
You think that's bad? I had to give up my 127.0.0.1.
In my brazen, younger days, I used to publicly dare people to hack my site
I'm sure the information release was trivial and... oh my God. I didn't realize she still had those photos.
my god, people, if you are going to use a site like that, don't use your real name, work email address, etc.
consider that *everything* is going to get compromised -- if it is not already. use some common sense.
there are 3 kinds of people:
* those who can count
* those who can't
How many Republicans? :-)
This is horrible.
I think I had an account but like all adult sites I sign up for I used a throwaway email, lie about my age and location, and only show my dick and balls in photos.
And no will recognize the dick and balls as I'm a virgin in my 30s.
Nice porn collection!
So, does anyone have a link to the sample that was released? Even with the e-mails and IP's and birthdates redacted? This kind of data merits some analysis: you don't often get giant dumps of such highly personal information collected from people who think they're protected by some sort of pledge of trust and secrecy. It would make for a fascinating paper.
I loved the IRC link bots that would read off title of a website/url linked in the room. http://localhost or http://127.0.0.1 would yield interesting results at times. Also a good reminder not to user IRC or browse from your public web server.
This is why people with substantial power — such as, first of all, government officials — must not engage in adultery or anything similarly reprehensible even if it is not illegal for the rest of us. Not because of some wicked "puritanism", but because it opens them up to blackmail, that corrupts government thus affecting all of us.
Government officials — be they lawmakers, judges, or executives — must be squeaky fucking clean. (Same may apply to CEOs, but that's up to their shareholders.)
In Soviet Washington the swamp drains you.
I'm glad you've finally been forced to give up 192.168.0.1. Your bogus static IP address was causing routing problems on the LAN; some of our machines thought you were the gateway. Fortunately your MAC address wasn't the same as the gateway, so some of us still had Internet access.
Like where do you find this data .. for .. like .. um .. research purposes .. yeah that's right I need it for research purposes.
I think housewifewhore@hotmail.com has a copy. Reach out to her. Feel me?
...and information indicating which of them are seeking extramarital affairs
Good. Fuck em. Let's see some good old fashioned public shaming. Cheating fucks.
In the Ars story about this they pointed out a website that tracks beaches that I hadn't heard of before: ';--have i been pwned?
I plugged my email addresses into this and found out that I had been a part of the Adobe breach fro October 2013. And I don't remember Adobe telling me about it
I am Slashdot. Are you Slashdot as well?
As the protection of our customers is our utmost concern and in abundance of caution we have temporarily disabled the username search function and have begun to mask usernames of any users we believe were affected by the security issue. Users will still be able to log-in using their username and password but the username search functionality will be disabled until further notice. We are also creating a streamlined and easy process for users to change their usernames and passwords that will be live this weekend.
If you have any questions or concerns, please do not hesitate to contact customer service. For further information please visit http://www.ffn.com/security-up...
-------
FriendFinder Networks Inc. has just been made aware of a potential data security issue and understands and fully appreciates the seriousness of the issue. We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert, Mandiant, a FireEye Company.
Until the investigation is completed, it will be difficult to determine with certainty the full scope of the incident, but we will continue to work vigilantly to address this potential issue and will provide updates as we learn more from our investigation.
We cannot speculate further about this issue, but rest assured, we pledge to take the appropriate steps needed to protect our customers if they are affected.
I made such an effort to conceal my sexual orientation!
I'll see your senator, and I'll raise you two judges.
... are horny males.
The rest are a mix of people out to yank some wanker's chain for the lulz, those out for blackmail, and private investigators with a specific target in mind.
What my parents told me growing up comes to mind:
http://biblehub.com/numbers/32... - "...you may be sure that your sin will find you out."
At least anyone with fear of finally being exposed as dishonest has a warning sign to make amends with their partner.
No one can fault you for the truth, although there may be consequences for the truth.
I paid $99 for an annual membership to match.com, met several nice girls, married one of them, and I now have a wife, two kids and a dog.
What kind of weird ass genetics do you have that you + wife = kid + kid + dog?!?!?
All along I just figured it was a scam harvesting money from lonely guys. People actually used it for dating??? There were actually women on it???
Nice porn collection!
I know. His looks to be pretty much the same as mine!
As though millions of divorce lawyers just orgasmed at once.
tired of the old one? try this new site ::1
is "yes, please"
... Let's all just go read all of the data for anyone we know, right now. Then there will be no potential for blackmail.
But I honestly never realized that it's a site people go to on purpose. I mentally categorized it alongside any sort of "Click here and we'll install adware for you!" ads. Has anyone here had success using this service? Is it "cragslist-y"? I don't intend to start using it, just curious.
I was taught The Law: "Do what thou wilt shall be the whole of the Law. Love is the law, love under will."
They didn't call it AdultFriendHider.
Sorry, but aren't all dating sites for adults? I mean, I've never heard of one for kids.
Direclty from the article:
The front page of Adult FriendFinder, which is based in California, features photos of dozens of attractive young women. Yet the hacked data, contained in 15 spreadsheets, reveals how few females appear to use Adult FriendFinder.
Among the 26,939 users with a UK email address, for example, there are just 1,596 who identified as female: a ratio of one woman to every 16 men.
This right there is why when I was single I gave on regular dating sites and completely avoided the adult dating sites. Much easier to meet people in person and significantly less competition.
Not to mention the unrealistic expectations of not just a woman, but a woman that has 10k guys sending her emails. The poor girls end up randomly clicking emails because most of them are the same anyway and there are way to many of them. Good luck.
Those that would blackmail cheaters of course should be treated as criminals as their motives are greed. However, if they happened to put that information all over the Internet I would applaud it. Cheating on a spouse isn't a crime but as close as you can get to one without actually being one. The emotional suffering, that can last for years, that unethical knuckleheads cause their spouses hurts their own children as well. People that are married and cheat not only deserve to be exposed but it's a moral imperative that they are exposed. .
Me too, but with 127.0.0.1! D:
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).