FriendFinder Networks Inc.

FriendFinder Networks Inc.

The organisation that runs AdultFriendFinder and additional pornographic websites suffered a hack; 412 million accounts were compromised.

The inadequate security procedures of the organisation allowed for the cracking of almost all account passwords. In the hack, deleted accounts were also discovered.

It was discovered that an attacker remotely might execute malicious code on the target web server by taking advantage of the AdultFriendFinder website's vulnerability.

Email addresses, usernames, passwords, site membership information, the IP address most recently used to log in, and the date of the most recent visit are among the stolen data, according to a review of the databases on the three biggest websites.

Source: https://securityaffairs.com/53387/data-breach/adultfriendfinder-data-breach-2016.html

TPRM report: https://scoringcyber.rankiteo.com/company/friendfinder-networks-inc-

"id": "fri22551123",
"linkid": "friendfinder-networks-inc-",
"type": "Breach",
"date": "11/2016",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': 412000000,
                        'industry': 'Adult Entertainment',
                        'name': 'AdultFriendFinder',
                        'type': 'Organization'}],
 'attack_vector': 'Remote Code Execution',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 412000000,
                 'personally_identifiable_information': ['Email addresses',
                                                         'Usernames',
                                                         'IP addresses'],
                 'type_of_data_compromised': ['Email addresses',
                                              'Usernames',
                                              'Passwords',
                                              'Site membership information',
                                              'IP addresses',
                                              'Date of the most recent visit']},
 'description': 'The organisation that runs AdultFriendFinder and additional '
                'pornographic websites suffered a hack; 412 million accounts '
                'were compromised. The inadequate security procedures of the '
                'organisation allowed for the cracking of almost all account '
                'passwords. In the hack, deleted accounts were also '
                'discovered. It was discovered that an attacker remotely might '
                'execute malicious code on the target web server by taking '
                "advantage of the AdultFriendFinder website's vulnerability. "
                'Email addresses, usernames, passwords, site membership '
                'information, the IP address most recently used to log in, and '
                'the date of the most recent visit are among the stolen data, '
                'according to a review of the databases on the three biggest '
                'websites.',
 'impact': {'data_compromised': ['Email addresses',
                                 'Usernames',
                                 'Passwords',
                                 'Site membership information',
                                 'IP addresses',
                                 'Date of the most recent visit'],
            'systems_affected': ['Web server']},
 'post_incident_analysis': {'root_causes': ['Inadequate security procedures',
                                            'Web server vulnerability']},
 'title': 'AdultFriendFinder Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Web server vulnerability'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.