Millions of users of the dating siteMeetMindfulgot some unpleasant news program on Sunday . ZDNet reportedthat the cyberpunk grouping ShinyHunters , the same radical who leaked million of exploiter record for the company that listed the“Camp Auschwitz”shirts , has dumped what looks like data from the dating site ’s user database . The leak , which was confirmed by the ship’s company , purportedly contains the sensitive information of more than 2.28 million of the site ’s registered users .
https://gizmodo.com/a-home-security-worker-hacked-into-surveillance-systems-1846111569
According to ZDNet , the 1.2 gigabyte file was shared as a free download “ on a publically accessible hacking forum known for its trade in whoop database . ” Thecompany saidthe leaked data included first name , and in some cases last epithet ; e-mail ; encrypted passwords and other credentials , which it said were not capable to be accessed ; canonic news report detail including urban center , state , date of the account ’s instauration and last alive dates ; some birthdays ; and email and other notification preference .
Photo: Kirill Kudryavtsev/AFP (Getty Images)
MeetMindful state that no passwords , photos , conversations , mates , credit calling card information , or other financial info was leaked . It contribute that no personal entropy relating to peer , such as messages , photos , favorite , or user views , was released .
The electric receptacle , which included screenshots of the file cabinet posted to the cyber-terrorist forum as well as a small sample distribution of the data point exposed , highlight that not all the leak accounts include the user ’s full details . Nonetheless , it stated that the selective information leaked could be used to link individuals ’ date profiles to their real - world identities . The hack meeting place where the data point was carry has been viewed more than 1,500 times . Per the vent , it is still available for download .
ZDNet say it was informed of the news leak by a security research worker , who it did not name , before this week . It added that it had adjoin MeetMindful on Thursday to ask for a comment on the affair but had not receive a response for days .
Gizmodo incur in touch with MeetMindful on Sunday and was pointed toan articleby co - owner Keith Gruen on the company ’s reaction . Gruen say that a “ well - bed cyber-terrorist ” posted user data from several fellowship on Jan. 20 , including MeetMindful , and apologized for the break .
“ We are deeply bad that this has happened , and require to be as blunt and transparent as potential about what occurred , who was affected , and how we ’re impress forrad , ” Gruen wrote .
Gruen tell the drudge work a now - closed exposure in its arrangement and was thus able-bodied to export an out-of-date version of a tilt of basic user info . The breach bear on user who signed up for MeetMindful before March 2020 , the company explained . Users who created an account after March 2020 or have updated their news report details since March 2020 were not affected .
The company express that it had bring brought in “ extra development resources to ensure future safety . ” It also said that he had arrive at out to all likely impact exploiter and was actively reviewing its systems and subroutine to ensure that this did n’t befall again .
“ We have increase our layer of security on all servers and within our software . This may leave in slow access times or firewall checks for some user , ” Gruen enunciate .
allot to itsCrunchbaseprofile , MeetMindful is a date site platform for “ people who are into wellness , well - being , and heedfulness . ” It was establish in 2013 , is establish in Denver , Colorado , and is still active .
Here ’s where it start to get a lilliputian strange , though . The site’slistedsocialmediachannels have been inactive for months , which is interesting moot that major see apps have beengrowingduring the pandemic . I mean , do n’t they desire to promote their user to engagement ( safely ) ? From the exterior , the overhaul seems like utter geographical zone . Who know though , it could be all the rage inside the website itself .
https://gizmodo.com/the-dark-webs-largest-forum-for-stolen-credit-card-data-1846083661
In the fellowship ’s spot , Gruen did not comment on the amount of user affected by the hack . He suggest users to readjust their passwords to add additional security department to their report and not to respond if they get a textual matter or email postulate for their account numbers or passwords . MeetMindful will never involve user to deal personal data in an email or schoolbook , Gruen said .
Gizmodo asked Gruen if he could nail down the number of users impact , but he said that the society was not commenting publicly on the extent of the break . Nonetheless , Gruen stated that the number of affected users being describe , or the 2.28 million abduce by ZDNet , was considerably in high spirits than realness . At least dual , he add .
When ask whether it was on-key that Facebook user ID and assay-mark tokens had also been get at , Gruen confirmed that there was expired Facebook data point in the rift , specifically long - expired tokens that MeetMindful used when exploiter created an account via Facebook . MeetMindful no longer lets users make an account using Facebook , he said , foreground that tokens typically have a60 - day maximal lifecycle .
“ The let go of data is neat than six months honest-to-god , and our Facebook integration was also removed well over 60 days ago , so we have no salient concern about this at present , as each of these tokens has expire , removing any potential for improper utilization , ” Gruen said .
[ ZDNet ]
Update 2025-05-19 , 9:40 a.m. ET : This post has been updated with additional information from MeetMindful .
FacebookHacker groupsRedditsoftware
Daily Newsletter
Get the good technical school , science , and finish news in your inbox daily .
tidings from the future , delivered to your present .
You May Also Like
