Today's computers can rapidly guess hashes that may match the real passwords.
Leaked Source says it has cracked most of the SHA-1 hashes.
One large sample of data provided by Leaked Source at first seemed to not contain current registered users of Adult Friend Finder.
But the file "seems to contain much more data than one single site," the Leaked Source representative says.
ALMOST 400 million accounts on sex and swinger site Adult Friend Finder have been allegedly exposed in what is believed to be the biggest security breach of its kind.
The scale of the hack, which was first reported last month, has only now been revealed by stunned data experts who said it is "the largest breach we have ever seen".
The person who found that flaw has gone by the nicknames 1x0123 and Revolver on Twitter, which has suspended the accounts.
The sites breached would appear to include Adult Friend Finder.com, i Cams.com, Cams.com, and Stripshow.com, the last of which redirects to the definitely not-safe-for-work playwithme[.]com, run by Friend Finder subsidiary Steamray.It also would be the second one to affect Friend Finder Networks in as many years.In May 2015 it was revealed that 3.9 million Adult Friend Finder accounts had been stolen by a hacker nicknamed ROR[RG] (see Dating Website Breach Spills Secrets).At the time, FFN Vice President Diana Lunn Ballou released a statement saying: "We are aware of reports of a security incident, and we are currently investigating to determine the validity of the reports." In May last year 3.5 million Adult Friend Finder accounts were exposed in another hack.Peter Martin, Managing Director at IT security firm Reliance ACSN said: "This breach on Adult Friend Finder is the second in as many years which raises serious alarm bells.Friend Finder Networks, stung last year when its Adult Friend Finder website was breached, could not be immediately reached for reaction (see Dating Website Breach Spills Secrets).Troy Hunt, an Australian data breach expert who runs the Have I Been Pwned data breach notification site, says that at first glance some of the data appears legitimate, but it's still early to make a call. "I'd need to see a complete data set to make an emphatic call on it." If the data is accurate, it would mark one of the largest data breaches of the year behind Yahoo, which in October blamed state-sponsored hackers for compromising at least 500 million accounts in late 2014 (see Massive Yahoo Data Breach Shatters Records).It is the second major leak of private user information in less than two years - and it even contains details of DELETED accounts over the seedy service's 20 year history, Leaked Source has claimed.Sister porn sites Penthouse, Stripshow and i Cams have also been skimmed of user data in what cyber security specialists have said is a hack that "raises serious alarm bells".The latest Friend Finder Networks' breach would only be rivaled in sensitivity by the breach of Avid Life Media's Ashley Madison extramarital dating site, which exposed 36 million accounts, including customers names, hashed passwords and partial credit card numbers (see Ashley Madison Slammed by Regulators).The first clue that Friend Finder Networks might have another problem came in mid-October.