Hackers have pilfered and published the personal details and sexual preferences of 3.9 million users of hookup website Adult FriendFinder.
Lusty lonely hearts, including those who asked for their account to be deleted, have been left in an awkward position after hackers broke into systems before uploading the details to the dark web.
Email addresses, usernames, postcodes, dates of birth and IP addresses of 3.9 million members have been exposed.
The UK's Channel 4 News, which came across the leak during a wider investigation into the dark web, broke the story of the FriendFinder breach on Thursday. Independent infosec bod Bev Robb penned a blog post about the leak in mid-April but did not name the hacked site.
FriendFinder Networks admitted the breach had occurred and told Channel 4 that it had launched a "comprehensive investigation with the help of a leading third-party forensics expert".
However, a warning to members is not as yet listed on the (NSFW) site itself, noted independent security expert Graham Cluley.
Adult FriendFinder boasts 63 million users worldwide.
Rob Norris, Fujitsu director of enterprise and cyber-security in UK and Ireland, noted that the breach was the latest in a long line of similar spills.
"Another day, another data breach – this time FriendFinder is in the spotlight," Norris said. "Although this hack is looking to be resolved quickly, it once again highlights that it is no longer about prevention, but instead about accepting a data breach will occur and moving to a proactive approach which allows better preparation for dealing with today’s threats."
He added: "The amount of data and confidential information transacted every day, coupled with the growth in reliance on digital services, means that any organisation is at risk – making most an easy target in the eyes of a cyber-criminal."
Brian Honan, an infosec consultant who founded and heads up Ireland's Computer Security Incident Response Team, said that the latest leak posed a higher risk of harm than most.
"I've always thought adult dating sites would be a perfect target for criminals to breach and use details for extortion," he said in a Twitter update. ®