NEW YORK — Adult FriendFinder, a dating website that got hacked last year, is investigating claims that millions of customers have had their personal information exposed in a second hack.
The potential damage could affect 412 million accounts because the company, Friend Finder Networks, has so many different operations.
It runs the popular swinger and alternative dating website AdultFriendFinder.com. It operates the sex chatting services Cams.com, iCams.com, and Stripshow.com. And it previously ran the porn site Penthouse.com.
A group of independent security researchers, who call themselves LeakedSource, said the hack includes 15 million people who thought they had deleted their accounts.
In a statement, the company said it has hired outside investigators to make sure website flaws “are reviewed and if validated, remediated as quickly as possible.”
The company also stated that it “is in the process of notifying affected users… how they can protect themselves.”
CNNMoney has received samples of the stolen data from cybersecurity professionals and the hacker who has claimed responsibility. CNNMoney sent those samples to Friend Finder Networks, but the company has not yet confirmed they are legitimate.
A hacker, who goes by the name 1×0123, posted images last month purporting to prove the hack occurred on September 7.
The hacker told CNNMoney the user data is now being sold online for $4,000. “Everything is for sale these days, and I’m hungry,” the hacker said.
David Kennedy, CEO of cybersecurity firm TrustedSec, said the stolen database is being offered for sale on several black market websites.
If confirmed, this would be the second embarrassing episode for the company. Last year, a hack exposed the sexual secrets of 3.5 million Adult FriendFinder users. That time, the company scrambled to calm down users who were worried that their listed sexual preferences would go public.
It would also be yet another lesson that online dating websites can’t guarantee privacy and anonymity. When hackers exposed the users of cheating website Ashley Madison last year, the information quickly ended up in searchable databases identifying the cheaters.