According to research from cybersecurity firm Hold Security, the vast majority of leaked login credentials relate to Mail.ru, Russia's most popular email service.
However, Reuters reports that millions of Google, Yahoo and Microsoft email accounts have also been stolen, affecting internet users across the world.
Passwords were encrypted, but insecurely, and Leaked Source says it has managed to crack 99% of them.
It's not clear who was behind the attack, though Leaked Source says it occurred in October 2016.
Adult Friend Finder asks customers to detail their interests and, based on those criteria, matches people for sexual encounters.
The site, which boasts 64 million members, claims to have "helped millions of people find traditional partners, swinger groups, threesomes, and a variety of other alternative partners." The information Adult Friend Finder collects is extremely personal in nature.
The 412 million accounts go back 20 years, it says, and the lion's share comes from Adult Friend Finder — almost 340 million.
Significantly less information about users has been leaked, however — while Ashley Madison included everything from photos and sexual preferences to addresses, the Friend Finder breach is limited to more basic information like email addresses, passwords, and registration dates.
Websites are hacked daily and their data is stolen by hackers.
This data often contains the personal information of the registered users of these sites, including passwords (which are often encrypted, but not always), aims to raise awareness regarding database breaches by providing as much necessary information as possible regarding security breaches.
Asked why he was doing this, Auernheimer said: "I went straight for government employees because they seem the easiest to shame." Millions of others remain unnamed for now, but anyone can open the files -- which remain freely available online.
That could allow anyone to extort Adult Friend Finder customers.