Feds and cops busted as hacker dump exposes ties to adult-dating site

Reuters/Paul Hackett
The men behind the screen names “Eaglesfan_6969” and “Verywilling2011” are looking for sex, and they’re doing it from government-provided email accounts, according to data pilfered from a hacked dating website.

A trove of personal information pertaining to paid account holders of AdultFriendFinder, a website that touts itself as letting users “Find a fuck buddy for online sex,” has surfaced, and its contents suggest employees of local and federal agencies, including law enforcement, the Navy and the Federal Aviation Administration have used their government-provided email addresses to search for partners.

UK’s Channel 4 News confirmed first this week that the website had been hacked and that the information of approximately 3.9 million users had been leaked, including online handles, email addresses and sexual preferences of account holders. Now as that data is perused, new details are emerging that raise questions about what government workers are doing with their official accounts.

READ MORE: Love virus alert: Sexual data of 4mn adult website users reportedly exposed by hackers

Among account holders identified through the leaked details include individuals with emails linked to the United States Department of Homeland Security, the FAA, the government of Augusta, Georgia; the state of Virginia and the Metropolitan Police Department of Washington, DC.

DHS guidelines prohibit employees from using their government email for “Engaging in any activity that would discredit DHS, including seeking, transmitting, collecting or storing defamatory, discriminatory, obscene, harassing or intimidating messages or material.” The Pentagon says in a 2013 report that “Federal Government communication systems and equipment (including Government-owned telephones, facsimile machines, electronic mail, Internet systems and commercial systems when the federal Government pays for use) shall be for official use and authorized purposes only.” There is an exemption in place for “morale and welfare” communications by employees on extended deployments.

One of the account holders is registered with a Navy.mil email address, and the hacked account records reveal that the person logged-on to the dating site from an IP address connected to the Navy Network Information Center in Virginia Beach, VA. A cursory Google search of that person’s name suggests they were a civilian employee of the US Navy who was married as of 2002.

Another member, who was interested in BDSM according to the data, used their official Plano, Texas city email address to open an AdultFriendFinder membership, but connected to the site while browsing from a Starbucks.

On the AdultFriendFinder homepage, the website says it connects users who are “Hoping to meet someone special for a hot, sexual relationship or even just a quick fling” and claims the site “has helped millions of people find traditional partners, swinger groups, threesomes, and a variety of other alternative partners.”

In a statement, the company behind the dating website confirmed they had “been made aware of a potential data security issue and understands and fully appreciates the seriousness of the issue.” Mandiant, a Virginia-based security contractor, is helping them investigate.

Andrew “weev” Auernheimer, a security researcher who was analyzing the data on Friday morning, told RT’s Andrew Blake that revelations concerning the use of government accounts to search for sex shouldn’t be surprising.

“Military facilities should not be so incompetent as to allow their employees to freely browse trash like this on the Internet, it’s a major national security risk,”
said Auernheimer. “This just goes to show the decadence and obsoletion of the United States government, a place where even our military bases are filled with men actively searching for whores.”

Earlier this month, a Deptartment of Defense audit revealed that Pentagon employees have been using government credit cards on gambling and escort service. In January, the Washington Times uncovered evidence that an employee with the DoD’s Defense Finance Accounting Service tried to access pornographic websites from his work computers more than 12,000 times during 2014.

RT reached out to several individuals identified in the leaked data and their appropriate press representative, including the public information unit of DC’s Metropolitan Police Department, but has not immediately received comment from the affected parties contacted.