The Friends Finder Network is one of the world’s largest dating and swingers platform in the world and it seems are the latest victim of a massive data breach which has compromised over 400 million user accounts. The Friends Finder Network owns the following list of adult websites: i) Cams.com ii) adultfinder.com iii) penthouse.com iv) stripshow.com v) icams.com to name a few. And it seems given the network’s weak security protocol, all users for all of these websites have had their details breached. You would think that that’s bad enough, but the bad news just keeps on rolling in. Even those people who had deleted accounts won’t be happy, as their details have also been taken in the hack.
Now before I go on, it’s worth remembering that back in August of last year (2015) – the website that promoted extra marital affairs, Ashley Madison, had its details leaked. The ramifications of this were huge as the data breach led to a whole raft of divorces, firings and even some suicides. It was brutal!
It transpired that a local file inclusion flaw existed which could allow hackers to place any type of malicious code within the site’s code. The website Revolver did bring to the world’s attention this security flaw, and immediately after the hack were blamed. But they have repeatedly denied that they were behind the hack and strongly believe the culprits of the Friends Finder Network to be Russian Hackers.
Leaked Source were the first to bring the news of the hack to the market. In their own words, LeakedSource is a breach notification website that specializes in bringing hacking incidents to the public eye.
Not only did they let the world know of the hack, but they also tried to crack people’s password post breach. To no one’s surprise, most peoples’ passwords were actually pretty lame. See the list below:
| Rank | Password | Frequency |
| 1 | 123456 | 900,420 |
| 2 | 12345 | 635,995 |
| 3 | 123456789 | 585,150 |
| 4 | 12345678 | 145,867 |
| 5 | 1234567890 | 133,414 |
| 6 | 1234567 | 112,956 |
| 7 | password | 101,046 |
| 8 | qwerty | 86,050 |
| 9 | qwertyuiop | 43,755 |
| 10 | 987654321 | 40,627 |
| 11 | 123123 | 39,614 |
| 12 | 111111 | 38,848 |
| 13 | pu**y | 37,938 |
| 14 | f**kme | 36,008 |
| 15 | asdfghjkl | 35,021 |
| 16 | 000000 | 34,631 |
| 17 | f**kyou | 34,498 |
| 18 | abc123 | 34,080 |
| 19 | 00000 | 33,796 |
| 20 | 11111 | 33,263 |
| 21 | 55555 | 31,524 |
| 22 | 54321 | 31,278 |
| 23 | 123452 | 30,111 |
| 24 | 654321 | 29,624 |
| 25 | pwd1234 | 28,061 |
| 26 | zxcvbnm | 27,237 |
| 27 | iloveyou | 24,155 |
| 28 | qwert | 22,499 |
| 29 | 666666 | 21,629 |
| 30 | asdfg | 20,696 |
| 31 | 0123456789 | 20,485 |
| 32 | azerty | 19,700 |
| 33 | 0987654321 | 19,641 |
| 34 | france | 19,559 |
| 35 | abcd1234 | 19,056 |
| 36 | password1 | 18,677 |
| 37 | fffff | 18,461 |
| 38 | 112233 | 18,152 |
| 39 | 696969 | 18,150 |
| 40 | 123321 | 17,703 |
| 41 | 121212 | 17,302 |
| 42 | asdfgh | 16,400 |
| 43 | football | 16,080 |
| 44 | 12345678910 | 16,054 |
| 45 | abcde | 15,789 |
| 46 | qwerty123 | 15,286 |
| 47 | 1qaz2wsx | 14,885 |
| 48 | 123123123 | 14,691 |
| 49 | pakistan | 14,173 |
| 50 | aaaaa | 13,543 |
| 51 | barcelona | 13,170 |
| 52 | f**koff | 12,977 |
| 53 | bigd**k | 12,725 |
| 54 | 102030 | 12,564 |
| 55 | a**hole | 12,512 |
| 56 | 7777777 | 12,280 |
| 57 | baseball | 12,213 |
| 58 | qazwsx | 12,181 |
| 59 | liverpool | 12,129 |
| 60 | f**ker | 11,996 |
| 61 | s**s*x | 11,956 |
| 62 | f**king | 11,924 |
| 63 | 987654 | 11,706 |
| 64 | 555555 | 11,680 |
| 65 | aaaaaa | 11,599 |
| 66 | abcdef | 11,599 |
| 67 | daniel | 11,541 |
| 68 | 0000000000 | 11,400 |
| 69 | 222222 | 11,271 |
| 70 | carlos | 11,256 |
| 71 | superman | 11,181 |
| 72 | teamo | 11,044 |
| 73 | 123654 | 11,032 |
| 74 | 159753 | 10,995 |
| 75 | dragon | 10,809 |
When you read that list above, remember to change your own passwords regularly. It turns out that Leaked Source were able to crack 99% of the passwords, which is pretty damn impressive. But for some reason have since had their Twitter Account banned.
This story is just the beginning. From the last time we know how it’ll play out. At some point, the list will be leaked which will inevitably lead to a lot of misery for people.
We here at Total Shred are keeping very much on top of this story and aim to give you the latest updates as and when we get them. But for now, stay safe, and change your passwords regularly.