The names and email addresses of more than 3 million members of the sex and hookup site Adult FriendFinder have been released online. Details of the security breach were reported by the U.K.'s Channel 4 Thursday.
One of the largest dating websites, Adult FriendFinder bills itself as a place to "hookup, find sex or meet someone hot now" and has over 64 million members worldwide.
The hacker claiming responsibility, who goes by the handle ROR[RG], posted several spreadsheets detailing the data records of more than 3.5 million users. According to PC World, the leaked information was first identified on the dark web in March. Channel 4 reported that within hours of the data being posted online, hackers began swarming to buy email addresses to target with them phishing scams. One victim told the station he'd already been hit with virus-laden emails.
Considering the personal nature of the leaked information and its source, the hack could also open victims to blackmail schemes.
In a statement, California-based FriendFinder Networks Inc., which owns Adult FriendFinder and about 20 other dating sites, said it had "just been made aware of a potential data security issue" and that it had begun working with law enforcement and cybersecurity forensics firm Mandiant, part of FireEye.
"Until the investigation is completed, it will be difficult to determine with certainty the full scope of the incident, but we will continue to work vigilantly to address this potential issue and will provide updates as we learn more from our investigation," the statement said. "We cannot speculate further about this issue, but rest assured, we pledge to take the appropriate steps needed to protect our customers if they are affected."