According to a security report from the site leaked source, the site described as the largest community of swingers and sexual encounters has been hit by hackers who exploited a security weakness on their site allowing them to place malicious code on their servers in order to steal the personal information of users stored in their databases.
This situation enabled the hackers to collect database information from all the company’s affiliated sites, which include adultfriendfinder (339 million accounts), Penthouse (7 million accounts), and cams.com (62 million accounts).
More than 400 million accounts created over the past 20 years could potentially be impacted. The compromised information includes the usernames, passwords, email addresses, last visit date, browser information, and IP address. An additional 15 million deleted accounts were also affected, as the information deleted by users hadn’t been completely erased from the servers.
This is the second such attack on the Canadian company, and we wonder why their website security hadn’t been improved since the first attack, which compromised almost 4 million accounts. Drastic security measures should have been taken at that time.
Among their deficiencies, their database encryption is very weak. It is simply SHA-1 protocol, which any hacker can decrypt in only a few minutes, as well as all the information that was clearly displayed without any encryption. Why didn’t they encrypt their database information with a more secure encryption protocol like AES-256, for example?
The media repercussions of this situation with the general public may be a big blow to the company’s business. Will customers continue to use their dating and webcam services? Will there still be customer confidence after this misadventure? To be continued…