An Adult Dating website AdultFriendFinder is the newest victim of a huge hack that exposed the personal information, with sexual orientation details, of around 4 million users.
A UK-based Channel 4 News revealed that hackers compromised sensitive data like email and IP addresses, birth dates, and usernames. However, more nerve wrecking is the expose of sexual orientation details and if the sought an affair, the details are dumped on a darknet forum on the anonymous network Tor.
California-based AdultFriendFinder, popular as “dating, hookup and sex community” with 63 million users worldwide, is investigating the breach in collaboration with law enforcement.
The company in a BBC statement pledged to take the right measures to rectify the act and protect their customers’ privacy. Users are directed to change passwords at once until updated further.
In a security advisory Adult Friend Finder said:
We are taking steps to protect our members such as temporarily disabling the username search function and masking usernames of any users we believe were affected by the security issue. This means that our members will still be able to log-in using their username and password but the search function will be disabled in an effort to protect members privacy. We are also in the process of communicating directly to members on how to update their usernames and passwords.
Feds and Cops exposed cheating on their spouse:
It is notable that some of the users included profiles of Government and armed service personnel causing a massive spam, said Channel 4.
Usernames like “Verywilling2011” and “Eaglesfan_6969” were found looking to have sex with someone via adult friend finder (dot) com, but they are doing this from a government email accounts, shows the hacked data.
One of the account holders is registered with a Navy.mil email address and the hacked records reveal that the person logged on to the dating site from an IP address connected to the Navy Network Information Center in Virginia Beach, VA. A cursory Google search of that person’s name suggests they were a civilian employee of the US Navy who was married as of 2002.
One of the registered accounts on the site belongs to U.S. Navy and hosted on a Navy.mil domain. The hack shows how the official was logging into the adult site from Navy Network Information Center in Virginia Beach, VA and cheating on his wife.
Robert Kirkenmeier of Naval Intelligence looked to cheat on his wife Diane via @adultfriendfind while on base at Naval Station Mayport.
— grab em by the weev (@rabite) May 22, 2015
Need more coffee before I call up this cop and ask him why his government email address is linked to his AdultFriendFinder account
— Andrew Blake (@apblake) May 22, 2015
Andrew Auernheimer, a security researcher at “weev” analyzed the leaked data and told media that one shouldn’t be surprised to see government emails linked with the search for sex on dating sites.
According to Auernheimer:
“Military facilities should not be so incompetent as to allow their employees to freely browse trash like this on the Internet, it’s a major national security risk. “This just goes to show the decadence and obsoletion of the United States government, a place where even our military bases are filled with men actively searching for whores.”
DHS guidelines prohibit employees from using their government email for “Engaging in any activity that would discredit DHS, including seeking, transmitting, collecting or storing defamatory, discriminatory, obscene, harassing or intimidating messages or material.”
The Pentagon says in a 2013 report that “Federal Government communication systems and equipment (including Government-owned telephones, facsimile machines, electronic mail, Internet systems and commercial systems when the federal Government pays for use) shall be for the official use and authorized purposes only.”