AdultFriendFinder is hacked (once more) in October 2016. As stated in LeakedSource, which bought a duplicate associated with the dataset, this figures to over 400m account, most with plaintext passwords, from AdultFriendFinder and associated sites.
This site was assured with a nearby file inclusion exploit, meaning the web site’s signal enabled use of data files throughout the machine which are not allowed to be public.
About a billion profile host the password. Much more than 100,000 get the code “password”.
The non-plaintext accounts are easily broke at any rate, evidently as a result of some roll-your-own encryption that present lowercasing almost everything, SHA1ing it and going back to mattress. […]