Adult dating site hack exposes sexual secrets of millions

originally posted by: roadgravel
How can someone criticize the NSA and be OK with this. Illegally obtained data is still illegally obtained.

One is a criminal, the other supposedly there to be your protector.

When the lines blur, you can then wonder where the line ever was, if it was, at all.

originally posted by: roadgravel
a reply to: Shamrock6
I don't often look for "funny cat pictures" but I do believe the people who do it have a right to privacy about it if they so desire.

I hope the NSA had to build complex software filters and wastes much time digging through and dumping the cat picture traffic. Maybe I should get into those picture in order to increase their load.

Funny cat pictures... ends up on some bdsm site.

no thanks !!! I'll leave the cheeseburgers for those miscreants..

originally posted by: randomspecific
A truly worrying side to this incident is revealed:

rt.com...

One of the account holders is registered with a Navy.mil email address, and the hacked account records reveal that the person logged-on to the dating site from an IP address connected to the Navy Network Information Center in Virginia Beach, VA. A cursory Google search of that person’s name suggests they were a civilian employee of the US Navy who was married as of 2002.

People registering and accessing this site from their work email. This becomes a major issue when said employees work for national security/lea. Embarrassing enough when your neighbours find out what rocks your boat. What about when individuals open themselves up to blackmail and work within sensitive institutions/government departments.

Surely that then becomes a national security issue.

What???? You mean the Navy doesn't have packet filters and access rules in place to prevent someone from getting to an adult site or a known dating site? Now that is crazy.

originally posted by: roadgravel

originally posted by: sn0rch

originally posted by: caladonea
a reply to: wasaka

You can be sure the FBI has a sting operation in place to catch these hackers...they will soon find out how truly foolish they really are. Their next home will be a prison cell.

Really?

I guess the silly hackers wouldn't think of things like that.. ?

Does Sabu and the activities around him ring a bell...

Nope. I watched lulzsec come and go. He was not just a hacker, but a pawn. Informant. I don't quite see the connect here...

How will the fact that sabu sold out, entrap people with information already leaked? I am confused, sorry.

originally posted by: caladonea

originally posted by: sn0rch

originally posted by: caladonea
a reply to: wasaka

You can be sure the FBI has a sting operation in place to catch these hackers...they will soon find out how truly foolish they really are. Their next home will be a prison cell.

Really?

I guess the silly hackers wouldn't think of things like that.. ?

Narcissistic people often think they are beyond the boundaries of the law.

Often, more than not, they are, if they are well equipped with the knowledge and understanding that reaches far beyond some entity that employs some glib company to protect their e-security.

My point was, this is the dark web. hackers on the open web are script kiddies. hackers down there, are far more likely to have experience, support, a knowledge base, and various avenues of eluding the plod, who are chasing 13 yr old kiddies.

Also, that as this was not a high profile attack, imo, it was basic. a gesture. no one is going to proclaim victory in capturing someone involved in this. it's just not that big. but oh I do not doubt if they do, the person will be made an example of.

No jobs, no future.. another wannabe mitnick sans the glory.

a reply to: sn0rch

Because people who has misplaced trust and consorted with him appears to have been tracked down as he rolled on those connected to him and set them up for the FBI.

Refer to this thread
www.abovetopsecret.com...

The value of data is hard to quantify. Granted this hack may seem low level (most likely is as details have been released quickly) but it is worth taking into consideration what could be achieved by attacks like this.

Imagine if this hack was still unpublished/unknown. There is the possibility that individuals could be targeted due to their sexual preferences and blackmailed. Said individuals might not have access to sensitive data but can still be valuable.

Using blackmail as a lever to then get information on organisations that would help in social engineering attacks would be one way of utilising the data gathered. It doesn't take a huge leap of imagination to envisage how enemy players could use/abuse this kind of data.

Oh noes!!!!

All those closet puritans are going to have their dirty laundry revealed!!

The humanity!!!

And used against them for blackmail? Well let that be a reminder that there isnt much you can hide these days.

On the other hand, whatever legal relationships you choose to participe in are you're own damn busines.

And the identity theft potential is probably high, since people use the same passwords, and that sucks.

The bit about it being a dating website is hilarious though.

-Tenth

a reply to: sn0rch

Meh. Never said it was the crime of the century. But to act like the government doesn't offer to employ hackers they catch is a bit silly.

a reply to: wasaka

Not sure how I feel about this.

The gleeful attitude of these hackers wanting to blackmail people is a bit disturbing, however, anyone who put such personal info on a site like that was asking to be exposed and exploited. So I honestly don't feel to bad for these people.

That's like saying "you wrote your personal info down on a piece of paper and someone broke into your house and took it, you were asking for it so I don't feel bad for you."

Those people were not asking to be extorted by some ***hole.

Overall doesn't seem right to go on that they deserved it, but how the net is now it's safe to say if you're not cautious with the transmission and storage of information someone or someones can access for their benefit-not even talking NSA here which probably have a field say with this already. It's one of those more raunchy sites from what I understand. That can not only ruin(some deservedly) relationships in dishonesty such as with cheating or disgustingly praying on young people, but ruin lives of the more innocent types am sure. It's a reminder to be careful once it's on the net, in a cloud storage, or even on your computer, it can be accessed.

I am on a wifi system with a number of other people plus i never use my name or other identifying information on sites i don't want tracked.

Yes the NSA could track me and both my nom de plume's but any hacker will find it imposable to link them to me.

I don't understand the OP logic of calling someone stupid for attempting to meet sexually kindred spirits through the only way that society allows one to politely and appropriately do so. Sure, many of this site's users were probably just looking for one night stands and other such loveless activities that are not worth risking one's reputation over, but others were likely people with unusual and socially embarrassing sexual preferences who were lonely and trying to reach out and meet others like them, which is commendable depending on your point of view, and at the very least admirable in its humanity. If it were just about lust they could just load up some porn, but people posting personally compromising info online in order to meet others like themselves implies those people are longing for a human connection and that's beautiful. The beauty may be hard to see if someone else's sexual identity is too different from one's own, but it's there nonetheless. I feel a little compassion is in order. The real idiots here are the ones gleefully trying to profit off of threatening and shaming people who thought their secrets were safe with the company.

originally posted by: IShotMyLastMuse
So this guy gives out his hacking ID, openly posts on a forum that he wants to bribe the website aaaaaaaaaand wants to get away with it?
I am not sure if i should say the story is fake, or that he personally lied or that this hacker has the IQ of tuna salad.

Sounds like a fishing operation to me...hoping to hook like minded hackers who aim to jump on the extortion bandwagon.

Hope they catch the bastards.

I've been using the web since around 1999~

naw..... TMI in the stuff I was going to post...keep a lid on it

Wow, the "Friend Finder" network is like one of the longest-lasting Internet dating companies - when you combine all their different "main" sites. They also "co-brand" each "main" site liberally. If the "AdultFriendFinder.com" site is compromised, then all the "co-brands" of that site are also compromised. The "co-brands" are basically little more than aliases of one of the "main" FF sites - with somebody getting some sort of commission on the members that join via that "co-brand".

There may be people who are subscribed to one of the many "co-brands" who do not know the underlying "main" site is effected. For example, they think they are on something like ... "AffairHotel.com", which maybe is just a co-brand of "AdultFriendFinder.com". They here on the news that "AdultFriendFinder.com" is compromised, and think it does not affect them.

Looks like their current "main" sites are (based on this link on their page):

• FriendFinder.com
  
• Amigos.com
  
• AdultFriendFinder.com
  
• AsiaFriendFinder.com
  
• KoreaFriendFinder.com
  
• FrenchFriendFinder.com
  
• SeniorFriendFinder.com
  
• JewishFriendFinder.com
  
• ItalianFriendFinder.com
  
• IndianFriendFinder.com
  
• GermanFriendFinder.com
  
• PerfectMatch.com
  
• FastCupid.com
  
• BigChurch.com
  
• YoungAtHeart.com
  
• BreakThrough.com
  
• GayFriendFinder.com
  
• GradFinder.com
  
• SocialFlirt.com
  
• GayFriendFinder.com
  
• AdultFriendFinder.com
  
• Alt.com
  
• GetItOn.com
  
• NoStringsAttached.com
  
• HotMatch.com
  
• ... and a bunch more.
  

Each of those may have 100's or 1,000's of "co-brands". Although, I would suspect the most heavily co-branded are "AdultFriendFinder.com" and "Alt.com" - being that they appear to be more sex/hook-up oriented and long-standing sites.

PS: Here are some stats from the FFN web-site, what they claim in terms of subscribers, etc.:

Total Registrants on our Websites: 600,000,000+
New Registrants per Day: 180,000+
Total Affiliates: 300,000+
Number of Sites in Network: 40,000+

The "Number of Sites in Network" stat seems like the number of main sites plus all their "co-brands".


PS: The estimated total population of the entire United Stats is currently about 321,000,000 (source). So, they are claiming total user registrations as equivalent to almost double the population of the united states. Which, to me actually does not sound unreasonable.

a reply to: wasaka

Honestly, I think some people have something to loose, but others, who really cares? They put that info online for strangers to see, so whats the difference if a hacker has that same info. As long as they don't use their credit cards, in which case they will be caught, and the website may be sued.

Ooops, another thought. A long time ago FFN had a relationship with a provider of pay-per-view "cams" (maybe it was Cams.com?). Not sure if that is still the case. But, when it was, you used the login for your FF site (which ever one that was) to pay for "cams" activity.

So, yet more private salacious user information to be potentially leaked. e.g. not just that somebody has an account on a particular FFN site and their profile and possibly communications on that site, but any purchased made through that site - possibly including paid web-cam activity.