Russian Hackers Breach 97 Sites, Most Are Niche Dating


A number of online dating sites have been breached by a group of Russian-speaking hackers, according to security researchers Hold Security.

The team of hackers have apparently stolen user login information from a total of 97 websites, with most of these sites dating-related.

The list discovered by the information security company reveals that many of the breached dating sites are niche sites.

Hold Security founder and CTO Alex Holden exclusively told Jeremy Kirk, from the IDG News Service about the stolen data, which was found on a server by the company’s analysts.

He also said that the server was not password protected, and therefore allowed the company to analyse its full contents.

Holden identified a list of websites and their software vulnerabilities within the content, along with notes written in Russian.

He also said that all 97 sites were breached since 4th July until around a week ago.

So far, he has uncovered large lists of email addresses, and lists of unencrypted passwords from some of the targeted sites.

The majority of the hacked sites have a database flaw, which hackers can identify and use to gain access to other information within the systems.

This latest dating site security issue comes just over a month after the devastating Ashley Madison hack, in which hackers breached its systems and stole the personal information of 33m users, as well as executive emails.

Although it is not clear what the hackers plan to do with the stole information, Holden believes they do not have the same intention as the Ashley Madison hackers.

Holden told Jeremy Kirk, from the IDG News Service: “These hackers don’t know how to monetise the rest of the data, so they steal things that they can monetise.”

However, he added that it doesn’t seem as though the hackers have tried to sell the data yet.

He also said that the Russian-speaking hackers are not connected to The Impact Team, and that they “are doing what security auditors would” by externally examining the sites for any weaknesses.

IDG News Service has seen the full list of websites, but it is not naming them.