Why

All customer data has been liiberated, as per:
https://www.leakedsource.com/blog/friendfinder

400 million accounts, even 'closed' accounts are still in their database, and apparently the passwords were mostly stored insecurely.

better go download them lists and get to mailing :x

Bladewire

Wow! Thanks for the heads up

__________________

Barry-xlovecam

The bigger issue are the emailers that 'save' your mail list -- their compromising hacks are rarely reported -- ever notice how you get sudden bursts of Spam emails?

Brian mike

Thanks for the heads up

__________________
Tube - Cam - Escorts - Top List
Menu Tab - Banner - Header Link - Blog Post
DM me

Smack dat

Not surprised.

Feng-PD

how to get that list lol dont see it on the site!

__________________

j3rkules

Wow, it is really big...

__________________

Why

its in the wild, just have to know the right people or the right places to look.

NemesisEnforcer

Nice piece of nugget

__________________
The Only Time When Success Comes Before Work Is In A Dictionary.

Did you ever notice: When you put the 2 words 'The' and 'IRS' together it spells 'Theirs.'

NemesisEnforcer

Try the dark web.

__________________
The Only Time When Success Comes Before Work Is In A Dictionary.

Did you ever notice: When you put the 2 words 'The' and 'IRS' together it spells 'Theirs.'

NewNick

Old news.

__________________
"Americas Hitler" JD Vance.
“There isn’t really an upside to Trump.” Tucker Carlson.
“a convicted felon rapist is now your president” OneHungLow, gfy.com

Why

or they just sell the older ones for a cash infusion.

Why

not so much, this happened just a few weeks ago.

i think the old news you refer to was the last time they were hacked.

Why

the sad part to me is how inept AFFs tech talent appears to be. they were storing passwords in plain text and/or SHA1. its not hard to reverse SHA1 passwords, then take the whole lot and properly secure them.

anyone still doing this deserves any bad press they get.

poncabare

Uh oh...

RyuLion

That's what she said..

__________________

Adult Biz Consultant A tech head since 1995

TeenCat

year ago they have been hacked and now year later they still have passwords in plain and nobody have found that someone is downloading whole db? that is not like you download whole db every day, and one of first things is to limit any db operations for ips 400millions is 39x times more than all people in my country, and they have security like that?

__________________

babeterminal

teencat is 6bot finished now, no update for nearly 2 years?

password changed, on doing so there was some new tos i had to agree with before i could enter program, never read it anyone know the summary of the changes?

__________________
*SIG SPOT SEND MESSAGE IF INTERESTED*

HairyChick

Another story said iCams and cams.com were hit as well. Fifteen million accounts on AFF were old customers who didn't renew. One organization unencoded 99% of passwords. Hacked a year ago and then again. I'd not trust them with my info.

__________________
*****************************************
Anti-Semites have Small Penis Syndrome. The only known treatment is electroshock therapy combined with cerebellum removal. Fortunately, it’s a tiny procedure.
*****************************************

the Shemp

I used to be on a 35% payout for life, but aff hacked me down to 20%...

__________________
i use Vacares...so should you
Submit your picture galleries to my site...Outlaw TGP

freecartoonporn

400 mil emails wowza.

__________________

SSD Cloud Server, VPS Server, Simple Cloud Hosting | DigitalOcean

st0ned

Surprising that these individuals and/or groups even release the data unless they have already hit it and want to further hide themselves in the additional flood of emails.

I guess it is for fame outside of that? They could make a killing with that many emails that's for sure.

__________________
Conversion Sharks - 1,000+ adult dating offers, traffic management, and consistently high payouts.
We will guarantee and beat your current EPC to win your dating traffic!
Skype: ConversionSharks || Email: info /@/ conversionsharks.com

NALEM

We use SHA512, not SHA1, to hash our passwords. It's still not ideal. Any of you cyber experts wan't to chime in and make some suggestions.

__________________
"The time men spend in trying to impress others they could spend in doing the things by which others would be impressed."

Barry-xlovecam

Use some variable, other than the user name, to salt the password before you hash it.

Emails are a big problem. Not only are they of great marketing value -- email and user data is an extortion bonanza. If you value your businesses reputation and brand goodwill you need to actively secure this data.

The email marketing is problematic. For a medium sized business, doing high volume mail outs, the Spam server rules create security gaps that you have to trust to others (mailers).

The other point is network, database server and script security -- how did the hackers breach the system's security?

itx

If we are FFN affiliates we dont need spread this info, my .

PornDiscounts-V

First off... AFF has been hackable since the beginning. And many individuals and hacking groups have been having their way with them.

It is common knowledge in hacking back channels that it is very easy to signup as an affiliate, and then fake, crap traffic, then go into the database and find whales, now swap the affiliate id for your own. Now you too can live in mother Russia like a czar with all of your ill gotten gains.

I would posit that this is going on with almost all affiliate programs dealing with dating and cams.

Btw, doesn't matter if you lock down mysql by ip since the hacker has full control of a white listed box.

__________________

CAHEK

400 million is huge base

__________________
Pharma from True-Meds. High converting shop in Europe and USA, fast payouts via BTC !!!

TeenCat

it is easy, if you are original hacker, you will no release, if you are someone lucky and dumb, you will release, but mostly it is because the hole have been already filled, so no reason to keep the datas somewhere on local

__________________

TeenCat

hm, not sure about this one, because if the db operations are active only for one or two ips, i mean ip of billing or script which is writing into the db, you cannot do anything except from those two ips, and if someone change the settins, then some warning systems have to be activated. but, i am not good in those redneck things but looks like aff security guys have also a bit to learn ... another thing is that every big target will always be under attack, so have luck everyone

__________________

itx

If FFN is under attack we need this thing get unnoticed, we can as a Webmasters, they dont give a fuck if trump wins and they dont use it as excuse. We need be the MAFIA.

TeenCat

yes man two years is a nice holidays, 6bot will be back at work very soon

__________________

Adnium_Ivana

It's approx 412 million user details (like passwords & account info) that have leaked. A) that is one massive and envy inducing user base and B) Any site with such a huge list needs top anti-hacking and anti-pirating security. I mean get more people on your Dev & Ops team and invest in top notch software, you've got the $$

__________________
Email - [email protected]
[URL="https://adnium.com/ref/3168"]

Brian mike

Do they really have it or they get in the TINDER FREE APP storm too ?

I heard from many client of the Dating world that; they all have lose big at the arrival of the type of Tinder FREE APP Models .

Someone can put some intel on that ?

__________________
Tube - Cam - Escorts - Top List
Menu Tab - Banner - Header Link - Blog Post
DM me

Why

his point was if you have access to the one of the servers owning the whitelisted IPs in the database server, there is no way to keep the data safe. Ip protecting your database when your code is insecure doesn't do much for you.

TeenCat

ok man got it, thanks for the explanation

__________________

Adnium_Ivana

If' they've got servers to run and support 400 mill user base + plus traffic in the 100+ millions I'm assuming such a company has got the dough for security

__________________
Email - [email protected]
[URL="https://adnium.com/ref/3168"]

romeo22

Wohoo nice !!!!

rhon23

In light of recent Friend Finder events we would like to share our statement from Penthouse.

“Prior to February 19th, 2016 Penthouse was a subsidiary of FriendFinder Networks, Inc. and subject to their controls and procedures. As of the close of the sale, Penthouse now operates independent of FriendFinder Networks, Inc.
We are aware of the data hack and we are waiting on FriendFinder to give us a detailed account of the scope of the breach and their remedial actions in regard to our data. Penthouse.com is a content site and does not collect data regarding our members sexual preferences. We take our members’ data and site security seriously. We assumed full control of Penthouse.com in May of 2016 and immediately adopted a blanket policy requiring all of our members to change their passcodes. At the time our members weren’t thrilled with the inconvenience but we remain committed to “best practices” in regard to keeping our members’ data secure.”

Why

which begs the question, if the acquiring party noticed this huge issue with how passwords were being stored, why did AFF not, and/or why did they not fix at least that part of the situation long before this all happened?

incompetence or apathy?

rhon23

That is a friend finder question. We are now divorced from them.

money biz

I bet 65% are from api dating db's that didn't really sign up cough cough

itx

TheDA

__________________
Sharleen Spiteri - 1989 - In The Ass

Vendot

They look asleep at the wheel as anyone trying to get a response from affiliate support will tell you.

__________________
"In a Time of Universal Deceit, Telling the Truth is a Revolutionary Act." - George Orwell

marcop

This....

PornDiscounts-V

True, except that you cannot process anything directly in your own database? You always have to use some billing tool to do it? Not!

__________________

JFK

You wish !

__________________

FUBAR Webmasters - The FUBAR Times - FUBAR Webmasters Mobile - FUBARTV.XXX
For promo opps contact jfk at fubarwebmasters dot com

romeo22

Me gusta much