Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Over 400m account details reportedly hacked from FriendFinder’s adult sites

Over 400 million user details have reportedly been hacked from FriendFinderNetwork’s network of adult sites, including names, email addresses, passwords and a host of other personal information.

According to , a total of 412 million users’ account details could be affected across a number of different sites owned by Friend Finder, including AdultFriendFinder,,, and among others.

The majority of those details came from AdultFriendFinder, which was also reportedly storing user passwords in either plain text or SHA1 hashed, which can be cracked with relative ease. notes that the hashed passwords had been transformed to lower case, which has the odd effect in this case of making the passwords easier to brute force, but less useful to hackers looking to gain access to other services through reused credentials.

Unfortunately, it seems that users who had deleted accounts may also be affected by the breach, as 15.7 million accounts were found with appended with “@deleted”, suggesting that the data had instead been kept in the system rather than deleted when a user deactivates an account.

And yep, you guessed it, the most used password on AdultFriendFinder was 123456, followed by six variations of the numbers 1 – 9, but all beginning with 12345. The seventh most used password, and the first to be an actual word was…password. Clearly, businesses are required to take steps to keep user data safe but the need for users to also enact some sensible security practices seemingly can’t be overstated.

Across all the reportedly hacked sites, there were 5,650 registered government (.gov) email addresses and 78,301 military .(mil) email addresses.

The hack isn’t the first problem for Friend Finder. In May 2015, nearly four million members’ details were posted online following a similar hack, which makes the poorly hashed passwords particularly disappointing if is correct.

We’ve contacted FriendFinder for a comment and will update if the company responds.

Related: Google Pixel hacked in 60 seconds for $120,000 prize

Watch The Refresh: The best tech news and gossip every week

Do you use strong passwords or just reuse a couple for different services? Let us know in the comments below!

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have 9 million users a month around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.