Hacker Posts Credentials of 2.28 Million Dating Site Users Publicly
A well-known hacker leaked the personal information of 2.28 million users of the dating site, MeetMindful, last week.
The dating site's data was shared on a public hacker forum and was free to download. It included sensitive information of registered users such as full names, registered addresses, email addresses, and more.
The leaked data is a 1.2 GB file and was shared as a free download online "on a publicly accessible hacking forum known for its trade-in hacked databases," as ZDNet explained. The well-known hacker group goes by the name of Shiny Hunters.
The stolen information is what MeetMindful's users initially provided when registering on the dating site. It included real names, email addresses, city, state, and ZIP codes, body details, dating preferences, marital status, birth dates, IP addresses, Bcrypt-hashed account passwords, Facebook user IDs, and Facebook authentication tokens.
Messages written between users were not shared in the leaked file, but the above information is enough to seriously encroach on users' personal lives.
Dating data on the loose. Data belongs to dating site MeetMindful and includes everything from real names to Facebook account tokens, and from email addresses and geo-location information.https://t.co/PejBEKNe2D— Unauthorized User (@Unauth0riz3d) January 24, 2021
MeetMindful posted a warning on its website, stating it had sent an email to all users that were affected by the leak. It explained that only users who registered prior to March 2020 were affected by this data breach. Anyone who joined after then, or who has since updated their profile, is not affected.
The company also said it's since addressed the vulnerability in its system, "and was able to export an outdated version of a list of basic user information."
According to ZDNet, the leaked file was viewed over 1,500 times since it was posted on the hacker forum — the name of which was not disclosed.
In a world where digitalism is growing exponentially, cyber-attacks will keep occurring if stronger security isn't put in place.
In countries such as Finland, for instance, the nation is putting practices and rehearsals in place to be prepared for potential cyber-attacks. Other countries, or at least companies, could take a page out of the European nation's book.