40 Million Fling.com Users’ Passwords, Sexual Preferences Stolen
The personal information of tens of millions of users of adult dating site Fling.com have reportedly been put up for sale on the dark web. The information includes passwords and personal details such as sexual desires and preferences.
A large trove of credentials and personal details of tens of millions of users from Fling.com, an adult dating website have turned up on an underground marketplace called the Real Deal, as reported by Motherboard.
The online publication was able to gather a sample of the trove of data from a hacker who goes by the moniker – Peace.
The sample contained users’ credentials such as usernames and passwords in plain text, IP address, date of birth, email addresses, and more. The records also revealed the gender of the user, the fetishes that a user is interested in and other personal preferences.
The hacker claims to be selling 40 million accounts in total for a price of 0.8888 bitcoins, approximately $400 in today’s bitcoin-USD exchange rate.
Notably, the legitimacy of the sample was confirmed to be accurate by the person to whom the Fling.com domain is registered to.
In an email, he revealed that the breach had occurred in 2011.
We take internet security very seriously. Our site is free to join and we do not store any credit card information. We’ve investigated the sample data and it is from a breach that happened in 2011.
The sample data was also scrutinized by security researcher Troy Hunt, the operator of Have I Been Pwned, a breach notification website. Upon cross-referencing the data from the records of the breached-credentials database, Hunt reached out to two victims, one of whom confirmed their full password.
A similar breach occurred last year when extramarital hook-up website Ashley Madison was breached, with the details of some 40 million registered users leaked online, making for one of the most infamous cyber breaches of all time.
Featured image from Shutterstock.