(Reuters) – Login credentials for over 412 million users of adult websites run by California-based FriendFinder Networks Inc. were compromised last month in the largest hack of 2016, according to breach notification website LeakedSource.com.
Compromised data includes nearly 340 million credentials for Adultfriendfinder.com, which bills itself as “the world’s largest sex and swinger community,” some 63 million records from video sex-chat site cams.com and about 7 million records from adult magazine site Penthouse.com, LeakedSource said in a blog published on Sunday.
Asked if the account from LeakedSource was accurate, the company provided Reuters with a statement saying it had brought in outside experts to help review the matter.
“FriendFinder takes the security of its customer information seriously and is in the process of notifying affected users to provide them with information and guidance on how they can protect themselves,” FriendFinder said in the statement.
“Our investigation is ongoing but we will continue to ensure all potential and substantiated reports of vulnerabilities are reviewed and if validated, remediated as quickly as possible,” it said.
If LeakedSource’s claims are confirmed, the number of email addresses would account for more than ten times the number exposed in last year’s high-profile hack of infidelity website Ashley Madison. That attack prompted class action lawsuits and an investigation by the US Federal Trade Commission.
LeakedSource said it was able to view passwords for 99% of the credentials.
It said that some 78,301 of the accounts were registered to .mil email addresses, which are used by the US military, and another 5,650 were .gov addresses used by US government agencies.
(Reporting by Jim Finkle in Boston; Editing by Dan Grebler)