Hacker leaks data of 2.28 million dating site users

by | Jan 25, 2021

style="display:block" data-ad-client="ca-pub-6620833063853657" data-ad-slot="8337846400" data-ad-format="auto" data-full-width-responsive="true">
 
 
 

 

 

Reading Time: 1 Minute

 

 

Data belongs to dating site MeetMindful and includes everything from real names to Facebook account tokens, and from email addresses and geo-location information.

 

 

 
  

 

A well-known hacker has leaked this week the details of more than 2.28 million users registered on MeetMindful.com, a dating website founded in 2014, ZDNet has learned this week from a security researcher.

The dating site’s data has been shared as a free download on a publicly accessible hacking forum known for its trade in hacked databases.

The leaked data, a 1.2 GB file, appears to be a dump of the site’s users database.

The content of this file includes a wealth of information that users provided when they set up profiles on the MeetMindful site and mobile apps.

 

 

 

style=”display:block” data-ad-client=”ca-pub-6620833063853657″ data-ad-slot=”8337846400″ data-ad-format=”auto” data-full-width-responsive=”true”>

 

Some of the most sensitive data points included in the file include:

  • Real names
  • Email addresses
  • City, state, and ZIP details
  • Body details
  • Dating preferences
  • Marital status
  • Birth dates
  • Latitude and longitude
  • IP addresses
  • Bcrypt-hashed account passwords
  • Facebook user IDs
  • Facebook authentication tokens

 

meetmindful-db-sample.png

 

Image: ZDNet

 

Messages exchanged by users were not included in the leaked file; however, this does not make the entire incident less sensitive.

 

See Also: Offensive Security Tool: Shad0w

 

style=”display:block” data-ad-client=”ca-pub-6620833063853657″ data-ad-slot=”8337846400″ data-ad-format=”auto” data-full-width-responsive=”true”>

 

While not all leaked accounts have full details included, for many MeetMindful users, the provided data can be used to trace their dating profiles back to their real-world identities.

When we reached out for comment to MeetMindful on Thursday via Twitter, a MeetMindful spokesperson redirected our request to an email address from where we have not heard back for three days.

In the meantime, the forum thread where the MeetMindful data was leaked has been viewed more than 1,500 times and most likely downloaded, in many cases.

The data is still available for download on the public file-hosting site where it was initially uploaded.

 

style=”display:block” data-ad-client=”ca-pub-6620833063853657″ data-ad-slot=”8337846400″ data-ad-format=”auto” data-full-width-responsive=”true”>

 

See Also:SolarWinds Supply Chain Hack – The hack that shone a light on the gaps in the cybersecurity of governments and big companies

 

 

The site’s data was released by a threat actor who goes online as ShinyHunters, who earlier this week also leaked the details of millions of users registered on Teespring, a web portal that lets users create and sell custom-printed apparel.

A request for comment sent to an email address previously used by ShinyHunters was not answered.

The leak of this highly sensitive data represents a looming issue for the site’s users and the main reason why MeetMindful needs to notify account holders.

Over the past few years, many cybercrime groups have engaged in a practice called sextortion, where they take data leaked from dating sites and contact site users, threatening to expose their dating profiles and history to family or work colleagues unless they’re paid a ransom demand.

 

 

 

Source: www.zdnet.com

 

 
(Click Link)

 

 

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!


Information Security Solutions

Find out how Pentesting Services can help you.


Join our Community

Share This