FriendFinder Network’s User Accounts Compromised

1it enterprise

1it enterpriseAccording to a report for the second time the FriendFinder Networks, a dating and entertainment site has been compromised and over 412 million accounts were exposed. Adultfreindfinder.com is included in the websites that are been breached that accounts for over 339.7 million of the 412 million accounts exposed. Penthouse.com with 7million accounts, Cams.com with 62.6 million accounts, icams.com with 1 million accounts and others with 1.7 million accounts were included in the list of websites compromised. A local file inclusion vulnerability on the Friendfinder.com was the medium through which the sites were hacked back in October. Soon after revealing the susceptibility, the researcher, known as Revolver, stated on Twitter that the issue was resolved, and “…no customer information ever left their site”.

 

Friendfinder didn’t instantly comment however the network has confirmed that they have identified and fixed the vulnerability that was related to the ability to access source code through an injection vulnerability. The passwords were stored in weak SHA1 or plainly visible format algorithm, which increases the defenselessness. Almost 99 percent of the passwords were been cracked mentioned the report. The user information that has been deleted by the user is still available in the form of email@address.com@deleted1.com