Adult friend finder
But an email trail on that a warning about the leak was sent by a cyber security consultant on 12 March.
Around two hours later an employee at Friend Finder Networks then replied with a “read receipt” to say that the warning email had been read.
The source IP addresses collected can even provide pinpoint street locations for attacks.
The attack methodology deployed in this instance was not released, but it would be fair to assume that it leveraged a kind of SQL Injection attack or similar, where the information is wormed out of the back-end database through a flaw in the webserver.
According to the ill-gotten info, 1,596 of the 26,939 users with United Kingdom email addresses are female, which means there’s a 16-to-1 ratio of men to women on the site.
If images of catfishing dudes in dark rooms come to mind, you’re not alone.
“Friend Finder employees receive hundreds of sales and marketing spam messages daily, including many from third party cyber security consultants, and any earlier communication on this specific issue was directed to junk mail folders and not considered a legitimate email,” the company said in a statement.
In addition to launching an internal review, Friend Finder Networks has hired Mandiant, a high-profile cybersecurity company, to investigate the hack, and is working with the FBI.
Meanwhile, the person who originally dumped the information on the so-called darkweb, who uses the nickname ROR[RG}, is demanding more than £10,000 for access to the database of users, and capitalising on the news by marketing his cybercrime services.
Channel 4 reported that within hours of the data being posted online, hackers began swarming to buy email addresses to target with them phishing scams.
One victim told the station he'd already been hit with virus-laden emails.