A HACKER has exposed the private details of 2.3million people after breaking into into a major dating service.
Sensitive information shared online last week belonged to US website MeetMindful and included users' names, email addresses and location data.
The data dump was posted to a publicly accessible hacking forum where crooks can download it for free, a cyber security expert told ZDNet.
Stored in a 1.2GB file, the stolen details feature credentials plugged in by users when they signed up to MeetMindful, which was founded in 2014.
People's real names, body details, dating preference, Facebook ID, birth dates and more were all leaked by the hacker.
The wealth of data available makes it possible to trace people's profiles back to their real-world identities, ZDNet reported.
It puts users at risk of sextortion, a despicable attack that involves contacting the victims of dating site breaches and threatening to expose their profiles or messages to friends and family.
In a statement, MeetMindful confirmed that a breach of an "outdated" list of user information was leaked online.
The data did not include people's messages or credit card details, MeetMindful's Keith Gruen wrote in a blog post.
"We are deeply sorry that this has happened," Gruen said.
The hack took place on January 20 and exploited a vulnerability in one of the Colorado company's databases. The flaw has now been patched.
"We identified the vulnerability and immediately resolved it," Gruen wrote.
He added that the company had "brought in additional development resources to ensure future safety."
MeetMindful is in the process of contacting all users believed to be affected, Gruen said. He recommended that users change their passwords.
How to stay safe from hackers
- Protect your devices and networks by keeping them up to date: use the latest supported versions, use anti-virus and scan regularly to guard against known malware threats.
- Use multi-factor authenticationto reduce the impact of password compromises.
- Tell staff how to report suspected phishing emails, and ensure they feel confident to do so, investigate their reports promptly and thoroughly.
- Set up a security monitoring capability so you are collecting the data that will be needed to analyse network intrusions
- Prevent and detect lateral movement in your organisation’s networks.
Those seeking answers over whether their data has been compromised can contact MeetMindful directly at [email protected]
It's one of a number of embarrassing data breaches to hit tech platforms in recent months.
A leaked Virgin Media database exposed the passwords of nearly 1million users last year, while British Airways is still compensating hundreds of thousands of customers who had their details stolen in a data hack in 2018.
To ensure your accounts are protected from hackers, keep your phone and PC up to date with the latest security software, and use strong passwords that are tricky to guess.
It's also a good idea to use different password for each site and app you use to avoid hackers breaking into multiple accounts at once.
In other news, a hacker locked up people's penises earlier this month by remotely accessing "smart" chastity cages – and demanded a $750 ransom.
A new tool called "Bufferi.ng" claims it can help people fake a bad video call connection so you can take a break from meetings.
And, a WhatsApp bug could let total strangers join your group chats and steal your phone number.
Should apps and websites do more to protect users from hackers? Let us know in the comments!
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
Source: Read Full Article