Adult Friend Finder, the no-strings sex solicitation service that’s familiar to anyone who’s ever visited a porn site, was apparently just the victim of an enormous data breach, exposing millions of people who clicked banner ads hoping to get laid.

Ars Technica reports that nearly 4 million accounts’ worth of information—including “unique e-mail addresses of current and former subscribers—was leaked to a darknet message board, and has now begun to spread through Twitter. I was able to confirm that the data is still very much out there for anyone to obtain. The person behind the leak, who goes by ROR[RG], claims he hacked Adult Friend Finder because they owed a friend of his money:

ADULTFRIENDFINDER.COM > this is for owing my guy $247,938.28 BITCH!!!!!!!!!!!

You have been ROOTED ;D

Cuz Itz Pay yo DUEZ or we COMIN 4 U!!!!!!

shout outz to Hell for the bandwidth:

The message is followed by download links to 15 different files, bulging with deeply personal information like full names and sexual orientations—as well as credit card information, which the hacker conveniently removed before sharing. Security researchers (and the generally nosy) are already crawling through the data:

ROR[RG] doesn’t seem worried. In a later forum post, he wrote that he was outside the reach of LE (law enforcement), somewhere in Thailand:

i am in thailand

it is a pervo website

they owe my guy money

had it coming clause

pay up or be fucked

i am in thailand

sux to be in the losing end and any LE here i can pay off :)

Adult Friend Finder has yet to comment on the breach.

Contact the author at biddle@gawker.com.
Public PGP key
PGP fingerprint: E93A 40D1 FA38 4B2B 1477 C855 3DEA F030 F340 E2C7