The "sex and swingers" hook-up site Adult Friend Finder has been hacked, according to unverified reports.
The site's operator has begun an investigation. It said it had already fixed a vulnerability but would not confirm there had been a breach.
The leak is said to cover 20 years of sign-ins, including deleted accounts.
AFF's parent company owns explicit webcam sites, whose logins are also believed to have been stolen.
"Over the past several weeks, Friend Finder has received a number of reports regarding potential security vulnerabilities from a variety of sources," Friend Finder Networks' vice president Diana Ballou told ZDNet.
"Immediately upon learning this information, we took several steps to review the situation and bring in the right external partners to support our investigation."
The site was previously hacked in May 2015, when 3.5 million user records were exposed.
Leaked Source, which reported the latest breach, said it was the biggest data leak it had ever seen.
Including Friend Finder Networks' other explicit sites, the entire breach is said to include information about 412 million accounts.
It is second in size only to Yahoo, which revealed in September 2016 that data about some 500 million users had been stolen by "state sponsored" hackers.