Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adult Dating Site Hack Reveals Users' Sexual Preference, Extramarital Affairs

Posted by Soulskill on from the another-day,-another-breach dept.

An anonymous reader notes this report from Channel 4 News that Adult FriendFinder, one of the largest dating sites in the world, has suffered a database breach that revealed personal information for 3.9 million of its users. The leaked data includes email addresses, IP addresses, birth dates, postal codes, sexual preferences, and information indicating which of them are seeking extramarital affairs. There even seems to be data from accounts that were supposedly deleted. Channel 4 saw evidence that there were plans for a spam campaign against these users, and others are worried that a blackmail campaign will follow. "Where you've got names, dates of birth, ZIP codes, then that provides an opportunity to actually target specific individuals whether they be in government or healthcare for example, so you can profile that person and send more targeted blackmail-type emails," said cybercrime specialist Charlie McMurdy.

10 of 173 comments (clear)

  1. oh no by turkeydance · · Score: 5, Funny

    sorry, gotta go.

  2. Not really by Anonymous Coward · · Score: 5, Funny

    The leaked data includes email addresses, IP addresses, birth dates, postal codes, sexual preferences...

    Given that their list of choices for sexual preferences doesn't include tentacle-on-pregnant furry futanari, I think I'm pretty safe.

  3. NO! Not my IP address!!! by Anonymous Coward · · Score: 5, Funny

    After the last big hack I had to give up my old IP address, 192.168.0.1, which I had used for years. What a pain!

  4. Hopefully by Anonymous Coward · · Score: 5, Interesting

    Hopefully some of the users that will be approached will not be good candidates for blackmailing; because they already got out of the relationship they were trying to cheat on or have already come out of the closet with whatever sexual kink they have.

    Hopefully those users will contact police when they receive blackmail attempts and will aid in netting whoever is behind this

  5. The data by Dynamoo · · Score: 5, Informative
    The data is a apparently a subset of 60 million records that the hackers are threatening to release.

    I've had a look at the data, there are very many easily identifiable people, for some of those there is date-of-birth data, ZIP code, "preferences", details of any money spent etc. There are a few people using their .gov email addresses for this, some of those can be verified by the IP address, some other email addresses belonging to other corporations. I would suspect that those are the people who are most at risk of blackmail. Remember too that an email addresses can be used to look people up on Facebook, which would make it easier for blackmailers to find potential victims.

    Not revealed in the breach (so far) are credit card data, real names (although many are obvious from the email addresses) or passwords. Although I notice that some people were smart enough to sign up with a throwaway email address, if they have actually paid for anything then they would have had to supply real contact details somewhere.

    The background story appears to be that a pissed-off affiliate who claims they were owed hundreds of thousands of dollars had a contact hack the database. It seems the hackers are demanding money else they will release the rest of the data.

    --
    Never email donotemail@WeAreSpammers.com
  6. Re:useful by gstoddart · · Score: 5, Insightful

    And, of course, let's not stop there ... let's move to the managers, executives, and sales/marketing assholes who force this shit out the door.

    The poor bastard of a programmer who has been told by the VP or the CEO (or the sales wanker) that the product must ship now, or that security doesn't matter is not always the cause of this. Sometimes they're the ones saying "umm, guys, this could be a problem".

    So, if we're assigning blame, let's go with the people who are actually to blame and who make the decisions.

    In the military, "just following orders" may not be a defense. But in private industry it's often the management who create these problems.

    Which is precisely why I say that corporations should be held to a legal standard for the protection of personal information, and should carry penalties for failure to do so.

    As long as corporations just say "oh, bummer dude" and have no penalties, they'll continue to cut as many corners as possible. Because there simply is no consequence for them.

    I'm as concerned about the management people who don't give a damn. Because they're the ones who make policy and decide that not sucking at security is too costly.

    So, want a secure internet? Kick an MBA or a CEO in the nuts, and tell them you'll keep doing it until they insist on secure code.

    --
    Lost at C:>. Found at C.
  7. Re:Nuts and %$@) by Githyanki · · Score: 5, Funny

    You realize that putting quotes around it usually indicates that there is a nudge and wink going on at the same time. Reminds me of the joke: Guy sits and drinks at the bar till closing. Bartender tells him "Hey buddy, time to go, your the last one here." Guy pulls a gun on the bartender and forces him to give him a blow job. Partway through, the guy looses concentration and the gun slips down. Bartender picks it up and hands it back to the guy. "Dont want anyone to come in and catch me doing this and think I'm gay!!"

  8. Oh, shit. by happily_married · · Score: 5, Funny

    This is horrible.

  9. Meh by Anonymous Coward · · Score: 5, Funny

    I think I had an account but like all adult sites I sign up for I used a throwaway email, lie about my age and location, and only show my dick and balls in photos.

    And no will recognize the dick and balls as I'm a virgin in my 30s.

  10. Re:Lol by zlives · · Score: 5, Funny

    you forgot to add the recurring charges ;) in your equation