Six databases that were owned by FriendFinder Networks, Inc. suffered a massive data breach in 2016, which cost 412 million users their accounts. Not only were the usernames and passwords stolen, but 15 million deleted accounts were also included in the mix. AdultFriendFinder is an adult dating/entertainment website that calls itself the “world’s largest sex and swinger community.” Along with AdultFriendFinder, data accounts from Cams.com and Penthouse.com were also accessed in the data breach. A security researcher named “Revolver” first discovered the breach. In an earlier breach, FriendFinder lost sensitive data regarding member’s sexual preferences, extramarital affairs, and purchases made on the site. This latest breach, however, appears to have only compromised accounts. FriendFinder executives have been slammed in the media for poor security practices, and they have not publicly commented on the data breach.
When Was the FriendFinder Data Breach?
After investigating, cybersecurity officials believe the AdultFriendFinder data breach occurred before October 20, 2016. FriendFinder was warned by Revolver on October 18, 2016, about the potential vulnerability. Along with the accounts, evidence of source code from their websites and public/private key-pairs also showed up available online for purchase on the dark web.
How to Check if Your Data Was Breached
The data stolen during this incident were usernames, email addresses, and passwords. There is no online method for looking up whether or not your data was breached in this incident, but if you are a member of FriendFinder.com, your user account was affected.
What to Do if Your Data Was Breached
The first thing you should do is change your password to something very secure. Use a complex combination of letters, numbers, and symbols. Some other precautions to take are:
Be on the lookout for phishing emails. Your information could be used to intimidate you or extort money from you.
Cancel any credit cards used on the website.
If you used the same password on any other sites, change those as well.
Keep an eye on your credit and sign up for credit monitoring with a company like IDStrong.com.
Consider a credit freeze so no one can open up new accounts in your name.
Report the incident to FriendFinder to let them know your information has been used for fraud or other illicit purposes.
Can My FriendFinder Information be Used for Identity Theft?
Due to the sensitive nature of the website content and purpose, the stolen accounts are more at risk than most others. In the theft, there were 78,301 who registered for the website using a military email address and another 5,650 that used a .gov (government worker) address. These members are at extreme risk of being extorted or having their identity stolen. For the millions of regular users, they too are in danger of phishing scams, viruses, malware attacks, and identity theft. The information ended up on the dark web and you should be aware that you may become a target because of this data breach. Be extra careful and learn what steps to take to protect yourself.
How to Prevent Data Breach
When signing up for an account with any type of website, you take a risk entering private information, even just your email address. To keep your life and your information private follow the steps below:
Keep your computer and other devices updated with the latest operating system, security patches, and antivirus software. Run deep scans often.
Use only one credit card online for purchases and check the monthly statement carefully.
Never give out personal information online if you don’t have to.
Monitor your credit reports and bank statements; look for fraudulent charges.
Change your passwords often and make them very complicated.
Watch for phishing or scam emails.
Never click a link in email or open any attachments.
You cannot be too careful online. Always use common sense before entering information into a web page and look for security certificates before making any payments. Stay on top of data breaches and respond quickly if you are affected.