A data breach at a website billed as "the world's largest sex and swinger" community may expose personal and sexual information on millions of users worldwide, a report said Friday.
Stolen data from some 3.9 million members of Adult FriendFinder was leaked by hackers, according to an investigation by Britain's Channel 4.
The report said the leaked data included the sexual orientations and preferences of users, and whether they are seeking extramarital affairs.
Also exposed were email addresses, user names, dates of birth, postal codes and Internet addresses of the users' computers, according to Channel 4.
In a statement on its corporate website, the parent company FriendFinder Networks said it "has just been made aware of a potential data security issue and understands and fully appreciates the seriousness of the issue."
"We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert."
The data breach was first reported a month ago by security researcher Bev Robb who discovered the data on a "dark Web" site. But the name of the dating site was not disclosed before Friday's report.
"There is a ton of personally identifiable information sitting in a forum on the Darknet," Robb noted last month.
"Though the files were stripped of credit card data, it is still relatively easy to connect the dots and identify thousands upon thousands of users who subscribe to this adult site."
Security experts say such stolen data can be used for various email scams and potentially for blackmail.
Security researcher Graham Cluley said in a blog post Friday that the website has an obligation to inform its 63 million members worldwide.
"How about posting a warning on your website so your members can look out for phishing emails, or malware which might be sent to them?" Cluley said.
"What about some advice about the type of threats that users could be exposed to—including, potentially, blackmail—if their membership of the site is uncovered?"
Explore further: Password breach spreads beyond LinkedIn