Notorious hacker ShinyHunters has leaked the personal information of almost 2.3 million users from the online dating platform MeetMindful.
The data first appeared online last week on a publicly accessible hacking forum and was available to download for free. It received more than 1,500 views, although it’s not known how many were converted into downloads.
The 1.2GB file contained email addresses, geolocation coordinates, Facebook tokens and IP addresses, but no financial information.
MeetMindful has apologised for the leak and warned users that their information may have been taken. However, it believes that only members who signed up prior to March 2020 were affected.
A spokesperson explained in a statement: “We are deeply sorry that this has happened, and want to be as candid and transparent as possible about what occurred. A well-known hacker was able to exploit a now-closed vulnerability in our system, and was able to export an outdated version of a list of basic user information.
“We identified the vulnerability and immediately resolved it, as well as brought in additional development resources to ensure future safety.”
ShinyHunters was able to access more than 30 million user records from Zoosk in May. It also listed them on a popular cybercrime marketplace, this time charging as much as $18,000 to download the database.
This led to a number of Zoosk members joining together and issuing a lawsuit against the Spark Networks-owned dating service.
Read more here.