Databases containing 3.8 million adult dating and Naughty America users’ web accounts are up for sale on a dark web marketplace.
As reported by Infosecurity Magazine, a hacker is advertising several leaked databases on the underground web forum The Real Deal. Those databases are believed to contain 3.8 million users’ information, which includes account credentials stolen from the adult-themed production house Naughty America.
The price tag for the information is just US$300, or about eight-thousandths of a cent per each compromised account. That offer could reflect the going rate for stolen adult dating user accounts, or it could be due to the fact that each of the account passwords are either old or protected by bcrypt, a strong cryptographic algorithm which takes time and resources to break.
At this time, Naughty America and other adult content sites allegedly affected by the data leak have yet to confirm whether the stolen information is legitimate.
Security researcher Troy Hunt has received at least one user confirmation via his HaveIBeenPwned service. That user allegedly created an account with Naughty America and soon after canceled their subscription.
Thomas Fox-Brewster, a writer for Forbes.com, reports he has also received a few users’ confirmations.
Naughty America and Suite703 are just two of the latest adult websites to be breached. Back in July 2015, news first broke about a group of hackers who leaked sensitive internal data stolen from the parent company of Ashley Madison, another adult dating website. Ultimately, the hackers published all 37 million Ashley Madison users’ account information online.