A hacker named ROR[RG] broke into online dating site Adult FriendFinder and the exposed personal information of about 3.5 million users, including their sexual preferences and fetishes.
The hack took place in March and was first discovered by a web developer who blogged about it in April, but the site wasn't named until Britain's Channel 4 revealed it this week.
[New] Hacked! How safe is your data on Adult Sites? ~ TekSec https://t.co/7ZG673AsZc #hacked #databreach #infosec
The dating site boasts its ability to accommodate the desires of its clientele of more than 64 million subscribers who seek a range of romantic and sexual encounters.
"Adult FriendFinder has helped millions of people find traditional partners, swinger groups, threesomes, and a variety of other alternative partners," its website reads.
When users sign up, they are encouraged to detail their sexual preferences, including their personal desires. This information -- in addition to email addresses, passwords, birthdays, and zip codes -- was revealed through the hack.
CNN reported some users are beginning to be identified by name, and that those who dwell in smaller towns are especially vulnerable to exposure.
Some hackers have already taken the leak as an opportunity to smear some of its users, which reportedly include a state tax worker from California, a navy intelligence official, and a police academy commander from Washington.
Thanks to @adultfriendfind's shit security, I now have a list of millions of people tagged by sexual preferences. Lulz will come of this.
The site's parent company, FriendFinder Networks, released a statement on May 22 explaining the security measures in place to protect its users and prevent further damage.
The corporation has launched an investigation to broaden its security protocol, and has disabled the function that allows users to search for others on the site based on their username, as many were exposed through the hack.
FriendFinder has also reached out to the FBI for its help to look further into the cyber invasion.
"As is common with similar cyber-attack events, until the investigation is completed, it will be difficult to confirm the full scope of the incident," the statement read.
The company will nonetheless "continue to work vigilantly to address this potential issue and will provide updates on this site as we learn more from our investigation."