Another mass hack has seen over 400 million users’ privacy breached, with very personal information surfacing on the Dark Web.
With over 412 million leaks of user IDs and passwords, the Adultfinder hack is the largest hack of 2016. The portal is operated by the Friend Finder company and this service by Adultfinder is for users who are a minimum 18 years of age.
The hack’s leaked data includes the user names and passwords, as well as the email addresses of the subscribers of the portal. A leak like this, which involves collecting a user’s personal data, could seriously jeopardize personal relationships.
To add insult to those who use this service, the data hack includes users that have used this service anytime over the last 20 years. The parent company Friend Finder is investigating the matter.
A report published by Leakedsource.com states that of the total number of users affected (412,214,295), 103,070,536 logins had their passwords saved in plain text – meaning without any decryption. The most common passwords were “123456” and ‘12345.” The company has advised that users change their passwords immediately.
More surprising were several .gov and .mil domain extensions among those found to be hacked.
Below is the list of domains that were hacked:
The hacked data is now being shared on the Dark Web and is likely to remain hidden underground. According to cyber security experts, the vulnerability used for the hack was named “local file inclusion.”
This breach of data is the largest so far this year, with the previous Myspace hack, which saw 360 million accounts hacked, following closely behind.