The data hack counts for up to two decades’ worth of data from the company’s largest sites, according to , the hack happened via a Local File Inclusion exploit.
The attack happened around the same time as one security researcher, called Revolver, disclosed a local file inclusion flaw on the Adult Friend Finder website, which successfully exploited the data once an attacker runs malicious code on the web server.
However, the two online dating websites are not comparable as Ashley Madison offered an online place for married people to cheat on their spouses, while Friend Finder is more of an adult community.
The number of affected accounts almost rivals the Yahoo email hack that compromised 500 million email addresses.
But, when pressed on questions and details, Ballou declined to comment further.
It is also not clear who is behind this latest hack.“While a large number of these claims proved to be false extortion attempts, we did identify and fix a vulnerability that was related to the ability to access source code through an injection vulnerability,” said Diana Ballou, vice president and senior counsel, in an email released on Friday.