Delete adult friend finder
More specifically, the LFI was discovered in a module on Adult Friend Finder’s production servers.
While the researcher followed up the public reveal of the vulnerabilities with a post noting that the issue was resolved, the reality could not have been starker.
Passwords were also included in the trove -- the vast majority of them featured unsecured protections or none at all, the report said.
Leaked Source said the alleged breach includes nearly 340 million accounts from flagship site Adult Friend Finder, plus data from other sites owned by Friend Finder Network, including Cams.com, as well as records from Penthouse.com, which was sold in February.
Friend Finder Networks, the parent company behind the likes of Adult Friend Finder, Cams, Penthouse, i Cams and Stripshow has been hacked, with six databases from the company compromised, according to breach notification website Leaked Source.
A Local File Inclusion (LFI) exploit was all it took for server breaches that led to a mammoth 412,214,295 user-accounts’ credentials to leak online.
Solutions such as 2-factor authentication could have easily helped avert a breach of this magnitude.
The news first came to light via Leaked Source, a so-called “breach notification site”.
It warned of significant attacks — not just to Adult Friend Finder accounts but also those of its sister sites.
Both that hack and others in the adult industry, such as the 2015 Ashley Madison breach that exposed data from about 36 million users, pale in comparison to the scale of the latest alleged Friend Finder Networks data dump.
In fact, if Leaked Source is correct, only the massive Yahoo data breach disclosed in September, which hit more than half a billion accounts, exposed more user accounts.