Friend Finder Network, Inc. is an adult services company and was reportedly hacked last October affecting 400 million accounts, which makes it the largest security hack ever.
Friend Finder Network, Inc. has several different websites and businesses including: Adultfriendfinder.com, Cams.com, Penthouse.com, Stripshow.com, and iCams.com. Over 400,000,000 accounts were affected in the hack, which was first reported by LeakedSource.com.
This is the second time Friend Finder has been hacked in the last two years. Hackers reportedly breached FriendFinder Networks last month and gaining access to AdultFriendFinder, which calls itself the “World’s largest sex & swinger community.” The hack also revealed the e-mail addresses and passwords to over 62 million accounts on Cams.com, a live webcam website and over 8 million accounts on several other Friend Finder adult websites.
How did hackers gain access to FriendFinder’s network of adult websites?
FriendFinder’s network was reportedly hacked through a local file inclusion exploit. A local file inclusion exploit works by affecting web applications that allow users to upload files to the website’s server. Once the file is executed by the server, the local file inclusion allows for a hacker to gain access to private information and possibly place code on the server, that allows for users to execute certain commands.
At this moment, LeakedSource says they do not plan on making the data searchable to the general public.
Is this serious?
Several major websites and companies have become victims of hacks including MySpace, Weebly, and Yahoo.
In June 2013 hackers were able to gain access to MySpace’s over 360 million users. MySpace later issued a statement saying, “Email addresses, Myspace usernames, and Myspace passwords for the affected Myspace accounts created prior to June 11, 2013 on the old Myspace platform are at risk.”
Just last week, Yahoo announced that they were hacked earlier than previously reported. It was reported that over 500 million user accounts were breached and private information including names, birthdates and unprotected security questions were revealed. Yahoo initially explained that a “recent investigation” but, hackers had access to Yahoo’s computer network at least a year and a half before the company launched an investigation and discovered personal information had been compromised.
In addition, the web design platform Weebly was hacked in February affecting 43 million accounts. Weebly responded to the hack by saying, “We do not believe that any customer website has been improperly accessed.”