According to LeakedSource, a breach notification website, disclosed the incident fully on Sunday and said the six compromised databases exposed 412 million accounts, with the bulk of them coming from AdultFriendFinder.com.
The hack includes data from more than 339 million accounts on AdultFriendFinder.com, which advertises itself as the “world’s largest sex & swinger community,” and millions of accounts on sex sites Penthouse.com and Cams.com, Leaked Source reported.
Passwords were encrypted, but insecurely, and LeakedSource says it has managed to crack 99 percent of them. It’s not clear who was behind the attack, though Leaked Source says it occurred in October 2016. “Over the past several weeks, FriendFinder has received a number of reports regarding potential security vulnerabilities from a variety of sources,” FriendFinder Networks Vice President and Senior Counsel Diana Ballou told ZDNet.