Adult Friend Finder: When Bad Websites Happen to Good People

Adult Friend Finder

Two weeks ago, Adult Friend Finder was just a place where “you can finally be who you are and be accepted.” Now, its users aren’t so sure.

Last week, the UK’s Channel 4 News revealed that hacker ROR[RG] had released stolen data from Adult Friend Finder, including email addresses, birthdates, postal codes and sexual preferences and desires. To date, compromised users have received phishing emails; many are also confronting the collision of their online and in-person selves. 

According to “Kim,” a user interviewed by CNN Money, "This is not something that just goes away. People will know you're the guy into swapping partners with your wife. Or you're the burly football player who's bisexual. I wish we lived in a world in which your personal preferences didn't matter. But we do, and it sucks."

Initially, ROR[RG] appeared to be motivated by little more than an airing of secrets; more recently, however, the hacker offered to sell the complete set of data—a possible source of credit card information—as well as his hacking services.

Nearly 4 million users of Adult Friend Finder are unquestionably victims of ROR[RG], yet it’s hard to lay blame on this individual. Technology has outpaced policy, a fact that gives the average ROR[RG] considerable power over the average dating website user.

As such, it’s easy to adopt the attitude that you only have yourself to blame when your information is exposed. In response to the discovery that many users, including government employees, registered for Adult Friend Finder accounts with work email addresses, CSO reported, “Rather amazing that people would do such a thing…I will offer that if you’re going to sign up for a service like this that you make use of a throw away email and limit what information you do share.” Don’t want your boss to find out about your online dating habits? Create a new email account on your lunch hour.

Blaming user indiscretion, however, overlooks the real problem: a lack of accountability for companies to keep their users’ data secure. In 2012, the Electronic Frontier Foundation rated the privacy and security practices of online dating websites including Adult Friend Finder, eHarmony and Match. The takeaway: security is bad. If you care about your personal information, don’t ever login from shared internet. 

Which is why the modern lover is stuck. He has a human right to privacy, his peers support his choice to reveal an intimate glimpse of himself to a select group of people (59% of Americans believe online dating is a good way to meet people) and yet he can’t find a website to trust.

Adult Friend Finder is no exception. Not only was it slow to post a rather discrete link to information on the ‘security incident,’ it may have ignored initial warnings about the hacked data altogether. Data Breach Wall of Shame posted email correspondence revealing that Adult Friend Finder was first alerted to the security breach on March 12. Adult Friend Finder maintains that it never received this notifying email, despite issuing a read receipt in response.

Ultimately, Adult Friend Finder will find itself faced with data protection lawsuits. May these provide the opportunity users need to hold companies accountable for products that compromise consumer rights.