back to article Adult FriendFinder users get their privates exposed... again – reports

Hundreds of millions of Adult FriendFinder (AFF) accounts appear to have been exposed once again. A database of usernames, emails, and passwords of footloose and fancy free members, along with those from associated websites, has leaked and surfaced online. The breach has not been confirmed by the site’s parent company …

  1. Anonymous Coward
    Anonymous Coward

    Belts off.

    Pants down.

    Isn't life a scream?

    Wahay!

  2. This post has been deleted by its author

  3. Alan J. Wylie

    Interesting passwords

    From https://www.leakedsource.com/blog/friendfinder

    short:

    43: football

    59: liverpool

    long:

    21 equal: youwillneverwalkalone

    21 equal: ilovemanchesterunited

    (and for the benefit of non-UK readers: You'll Never Walk Alone is the anthem of Liverpool Football Club)

    What is it with footballers?

  4. chivo243 Silver badge
    Coat

    Has the whole world gone Madison? I Ashley think so!

    Trench coat because erm, ah, what were we talking about?

    1. I ain't Spartacus Gold badge

      I walked into the sitting room yesterday to see the end of an advert on TV. For Ashley Maddison. Co-incidence or conspiracy... It always looked more like the name of a law firm to me, rather than a dating/shagging site.

  5. GrapeBunch

    400 million accounts? I wonder how many of those are "managment" accounts. I don't mean "staff" accounts, I guess I mean "database management" accounts. For example, to convince male clients that there are sufficient female clients. And how many are some guy setting separate accounts with every gender / gender orientation / age / hair colour^H^H^H^H^H^Horientation he can think of, to generate the max number of "hits".

    1. Pseudonymous Clown Art

      Adult Bot Finder.

      One.

      The rest were imported after the Ashley Madison leak to increase credibility.

  6. Scaffa

    "El Reg contacted FriendFinder Networks via its web form inviting comment on the breach. We'll update this story once they confirm if Dabbsy needs to change his password."

  7. Tikimon
    WTF?

    I'm getting reluctant to sign up for ANYTHING

    I have a legit concern about ending up in a Hotel California Database, where you can check out, but never Delete. That's one of the more obvious ways companies lie to and abuse their users/clients. How can we trust anyone anymore?

    I'm not one to run to Government to solve many problems (it rarely does) but I'm all for legislating crippling financial penalties for keeping supposedly deleted data.

    1. Anonymous Coward
      Anonymous Coward

      Re: I'm getting reluctant to sign up for ANYTHING

      I on the other hand would like government to do something about it, and I'm not at all apologetic about that.

      The data-mining gold-rush has gone on long enough, and now it's time to rein it in. If a side effect was, for example making facebook unprofitable to operate in Europe, I'd be ok with that.

      1. VinceH

        Re: I'm getting reluctant to sign up for ANYTHING

        "The data-mining gold-rush has gone on long enough, and now it's time to rein it in. "

        Agreed. I'd say enough is enough, but IMO things have already gone way past the 'enough' stage, and has long since left even 'more than enough' behind.

        BrexitDelete means BrexitDelete!

        1. veti Silver badge

          Re: I'm getting reluctant to sign up for ANYTHING

          BrexitDelete means BrexitDelete!

          As the poet has it, "The moving finger writes, and having writ/Moves on, nor all thy piety nor wit/Shall lure it back to cancel half a line,/Nor all thy tears wash out a word of it".

          Time was, people had to live with what they published. Now it seems everyone wants the right to have their own past words forgotten, even though they blazoned them forth to the world at the time.

          Newsflash, publishing is a one-way process. Thanks to the wonders of modern trade and manufacturing, for the price of a cup of coffee you can buy everything you need to keep your private thoughts to yourself: a pen and an exercise book, to keep in your bedside drawer.

          1. Pascal Monett Silver badge
            Trollface

            Re: you can buy everything you need to keep your private thoughts to yourself

            But then how do you get likes ???

          2. codejunky Silver badge

            Re: I'm getting reluctant to sign up for ANYTHING

            @ veti

            "Time was, people had to live with what they published. Now it seems everyone wants the right to have their own past words forgotten, even though they blazoned them forth to the world at the time."

            Time was, people were allowed to have an opinion or even discuss. Now people look to be offended or brand their critics to shut down discussion or thought. Your comment is spot on but I wonder how many people want to retract their comments and accounts due to the crying mob.

            1. VinceH
              Thumb Down

              Re: I'm getting reluctant to sign up for ANYTHING

              @veti and @codejunky

              Ref published material - by which I mean anything that is put online somewhere public by the originator or someone acting on their behalf - I agree.

              But the material that is the subject of this article isn't published material, it's the underlying database of people's accounts - their unpublished email addresses, passwords, and so on.

          3. Cuddles

            Re: I'm getting reluctant to sign up for ANYTHING

            "Time was, people had to live with what they published. Now it seems everyone wants the right to have their own past words forgotten, even though they blazoned them forth to the world at the time."

            Firstly, as already noted, there's a big difference between having your publicly published words remembered and having your private details leaked through no fault on your part. Secondly, and more to the point, time was people were happy to live with what they published because there was no chance the vast majority of people would ever see it, let alone remember it. The problem isn't that people's behaviour has changed or that their sense of responsibility or entitlement has changed, the problem is that people have stayed exactly the same but technology has completely changed the consequences of their actions. Back in the day, you could say something as a drunk teenager, the only people who would ever know would be the people in your village, and no-one would remember or care by the next week anyway. Now, you can do exactly the same, and 10 years later it suddenly goes viral on Twitface and ruins your life.

            It may be fair to say that this is the world we now live in and people just need to learn how to behave in it. But it's entirely understandable that people have not, in fact, learned how to do so just yet considering that most of the technology in question has only been around for a decade or two at most. It's not particularly unreasonable that some people might want to makes changes to the technology involved to allow social animals to continue behaving the way they have for millions of years, rather than immediately accepting that things have changed and that a world with the internet won't allow the same behaviour as a world populated by small communities of apes.

    2. Captain DaFt

      Re: I'm getting reluctant to sign up for ANYTHING

      And now, a few pearls of wisdom from Fats Waller:

      "Never give em your real name...NO NO NO""

      "One never knows, do one?"

      "If you don't know what it is, don't mess with it."

      1. VinceH

        Re: I'm getting reluctant to sign up for ANYTHING

        "Never give em your real name...NO NO NO"

        Real name? Don't even use your 'real' (or primary) email address!

        I'm sure I'm repeating myself, but IMO the approach of using a unique, per company/site/whatever email address is now as much a security* precaution as it was its original purpose of keeping a track on which buggers were playing fast and loose with the rules on trading data and marketing.

        * I could add privacy, but in my case looking up the domain is all someone needs to do. However, it wouldn't be difficult to ensure privacy as well.

  8. Anonymous Coward
    FAIL

    Uhm, right...

    I guess, and can understand, some people get highly aroused by some penetration (pun intended) but the fact which really wonders me here is that this is the second time this has happened. Sure, they haven't officially confirmed it yet (as they did last year) but it would appear as if they learned nothing at all.

    But the thing which bothers me the most: where is the regulation in this? A bunch of (IMO) idiots claim that cookies are the source of all privacy evil (I have to be honest: they can be) so right now almost every site bugs you about cookies. Highly annoying and it usually doesn't solve anything because it basically boils down to "do it our way, or go the digital highway". "We use cookies", well, that's fun but it doesn't tell me anything about what cookies.

    Yet when it comes to data security then it almost appears as if there are no rules and regulations at all. There are strict rules to comply to when it comes to handling credit card information, but I get the distinguished feeling that those rules are all theory and are hardly getting enforced at all. How else can you expect that a website gets millions of accounts stolen, and the next year piratically the same thing happens yet again?

    BUT... I'm sure they warned me about the use of cookies, so that's good. Right?

    I'll just get my coat now.

    1. 404
      Headmaster

      Re: Uhm, right...

      'Distinct' not 'distinguished'... ;)

      You can have a very distinguished coat,complete with the distinct odor of bacon - but not the other way around..

      1. John Brown (no body) Silver badge

        Re: Uhm, right...

        Partially correct. The odour of bacon is very distinguished!

        1. Jamie Jones Silver badge

          Re: Uhm, right...

          Hey, maybe his feelings have done some respectable things in their lifetime to warrant such a title? :-)

  9. Nolveys
    Coat

    Enough Is Enough!

    It's time for stiff penalties for people who penetrate the private areas of servers! These people need to be introduced to some deep, dark hole to do some very long and very hard time!

    1. That_Guy

      Re: Enough Is Enough!

      Sounds like cappn' salt has an aff account.

  10. Alan Brown Silver badge

    passwords:

    "Certificate management firm Venafi claimed that private information such as passwords appeared to have been protected using only the obsolete SHA-1 hashing algorithm."

    If so, that's _marginally_ better than previously when they were stored in plaintext.

  11. Anonymous Coward
    Anonymous Coward

    Sheesh

    Using Mysql/Innodb on a system this size?

    It's no wonder it keeps falling over.

    www.adultfriendfinder.co.uk appears to be down today. I wonder why?

    1. John Brown (no body) Silver badge

      Re: Sheesh

      Maybe it found a friend?

    2. CommanderGalaxian
      Devil

      Re: Sheesh

      It's alright. It's back up now. Just checked.

  12. Teiwaz

    Exhibitionist FriendFinder

    After all this, you'd need to be to continue to use the service.

  13. Anonymous Coward
    Anonymous Coward

    May I commend the article on the picture?

    A rug on a rug on a carpet with the man wearing a bra as a hat. Personally I've never used discarded clothing as apparel but I may need to rethink this approach.

    1. Jamie Jones Silver badge

      lol, bra?

      I think it's a hat!

  14. Jamesit

    Nothing on AFF about the crack,

    The registration form is still up too.

  15. Anonymous Coward
    Anonymous Coward

    Odd pairing

    This article showed up the same day as the "todger stuck in a wedding ring" one. Coincidence?

    Ok, I'll get back in line with the other ACs...

  16. Graham Marsden
    Childcatcher

    Meanwhile, the UK Government still wants Age Verification...

    ... Yes, folks, even though this and many other examples of poor data security show that handing over such private information to websites is not a good idea, the Conservative Government is pushing ahead with their plans to force all Adult sites to install Age Verification software as part of their "Think Of The Children" scheme to look good in the right wing press.

    And, of course, they're even talking about demanding a Great Firewall of Britain to block any sites accessible in the UK which don't do this, even those which are hosted in another country!

    Talk about clueless... :-(

    But don't just get mad about this, contact your MP via http://www.writetothem.com and tell them that you won't stand for this sort of State Intrusion on private matters and that the responsibility for what children do on the interwebs is the responsibility of the *parents*, not the State, nor you and me.

  17. tiggity Silver badge

    Useful for spammers

    The database is probably worthwhile to spammers as the people gullible enough to sign up to such a site might actually take some spams seriously.

    (Obviously there is a tiny chance that AFF is actually populated with masses of genuine nymphos desperate to meet people is not just choc full of fake bot accounts to get credit card signups & make cash. However it's about as likely as me belching out rainbow unicorns)

  18. Banksy
    Paris Hilton

    Never heard of it

    I've never heard of this website before. A friend might have mentioned it to me in the past though.

  19. hi_robb

    hmm

    Organisation?

    Orgasmation surely..

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like