
Adult FriendFinder Breach

May 21, 2015

3,600,331 rows

Added on Dec 1, 2024
Data Found in the Breach
IP Address
Email


What happened in the Adult FriendFinder Breach?

DataBreach.com Team · November 30th 2024, 7:00 pm EST

In 2016, Friend Finder Networks publicly acknowledged a sweeping data breach that impacted its flagship adult-dating site, AdultFriendFinder, along with Cams.com, Penthouse.com, Stripshow.com, iCams.com and one unidentified domain.   
The incident traced back to an unpatched local file-inclusion vulnerability first spotlighted by an independent researcher in mid-October. Attackers quietly exploited the flaw between roughly 18 October and 13 November 2016, siphoning data from six production databases and ultimately exposing more than 412 million user records, making it one of the largest credential leaks on record and the site’s second major compromise in as many years.  
  
The stolen trove spans two decades of activity and contains highly sensitive account-level data: usernames, email addresses, dates of last visit, join dates, browser and IP information, membership status and even records linked to accounts users thought they had deleted. Passwords were either left in plain text or hashed with unsalted SHA-1, leaving most of them trivially crackable and adding to the privacy risk for those whose identities could be tied to the service.   
  
According to contemporaneous analyses, the haul included about 339 million records from AdultFriendFinder alone, another 62 million from Cams.com, and smaller but still significant sets from the remaining properties. Leaked Source researchers noted more than 15 million “deleted” accounts in the database and identified thousands of .gov and .mil email addresses, heightening concerns over potential blackmail, doxxing and personal fallout.   
  
Friend Finder learned of the breach only after Leaked Source disclosed the data on 13 November 2016, prompting the company to enlist external forensics teams and law-enforcement partners. While FFN did not release a granular inventory of the compromised fields, it urged all users to reset credentials, monitor related accounts for suspicious activity and remain vigilant against social-engineering attacks. Customers affected by the earlier 2015 breach received renewed advisories, as the 2016 incident demonstrated that previously mitigated risks could resurface when legacy data is retained.
