Feds and cops busted as hacker dump exposes ties to adult-dating site
A trove of personal information pertaining to paid account
holders of AdultFriendFinder, a website that touts itself as
letting users “Find a fuck buddy for online sex,” has
surfaced, and its contents suggest employees of local and federal
agencies, including law enforcement, the Navy and the Federal
Aviation Administration have used their government-provided email
addresses to search for partners.
UK’s Channel 4 News confirmed first this week that the website had been hacked and that the information of approximately 3.9 million users had been leaked, including online handles, email addresses and sexual preferences of account holders. Now as that data is perused, new details are emerging that raise questions about what government workers are doing with their official accounts.
READ MORE: Love virus alert: Sexual data of 4mn adult website users reportedly exposed by hackers
Among account holders identified through the leaked details
include individuals with emails linked to the United States
Department of Homeland Security, the FAA, the government of
Augusta, Georgia; the state of Virginia and the Metropolitan
Police Department of Washington, DC.
DHS guidelines prohibit employees from using their government email for “Engaging in any activity that would discredit DHS, including seeking, transmitting, collecting or storing defamatory, discriminatory, obscene, harassing or intimidating messages or material.” The Pentagon says in a 2013 report that “Federal Government communication systems and equipment (including Government-owned telephones, facsimile machines, electronic mail, Internet systems and commercial systems when the federal Government pays for use) shall be for official use and authorized purposes only.” There is an exemption in place for “morale and welfare” communications by employees on extended deployments.
Thousands of gov network accesses to @adultfriendfind from people smart enough to use personal email. Sounds like a job for a FOIA request!
— Andrew Auernheimer (@rabite) May 22, 2015
One of the account holders is registered with a Navy.mil email address, and the hacked account records reveal that the person logged-on to the dating site from an IP address connected to the Navy Network Information Center in Virginia Beach, VA. A cursory Google search of that person’s name suggests they were a civilian employee of the US Navy who was married as of 2002.
Another member, who was interested in BDSM according to the data, used their official Plano, Texas city email address to open an AdultFriendFinder membership, but connected to the site while browsing from a Starbucks.
On the AdultFriendFinder homepage, the website says it connects users who are “Hoping to meet someone special for a hot, sexual relationship or even just a quick fling” and claims the site “has helped millions of people find traditional partners, swinger groups, threesomes, and a variety of other alternative partners.”
Need more coffee before I call up this cop and ask him why his government email address is linked to his AdultFriendFinder account
— Andrew Blake (@apblake) May 22, 2015
In a statement, the company behind the dating website confirmed they had “been made aware of a potential data security issue and understands and fully appreciates the seriousness of the issue.” Mandiant, a Virginia-based security contractor, is helping them investigate.
Andrew “weev” Auernheimer, a security researcher who was analyzing the data on Friday morning, told RT’s Andrew Blake that revelations concerning the use of government accounts to search for sex shouldn’t be surprising.
“Military facilities should not be so incompetent as to allow their employees to freely browse trash like this on the Internet, it’s a major national security risk,” said Auernheimer. “This just goes to show the decadence and obsoletion of the United States government, a place where even our military bases are filled with men actively searching for whores.”
Earlier this month, a Deptartment of Defense audit revealed that Pentagon employees have been using government credit cards on gambling and escort service. In January, the Washington Times uncovered evidence that an employee with the DoD’s Defense Finance Accounting Service tried to access pornographic websites from his work computers more than 12,000 times during 2014.
RT reached out to several individuals identified in the leaked data and their appropriate press representative, including the public information unit of DC’s Metropolitan Police Department, but has not immediately received comment from the affected parties contacted.