Users of Guardian Soulmates have been receiving explicit spam emails after a data breach on the site, the BBC has revealed.
Run by The Guardian newspaper, Guardian Soulmates is an online dating site that aims to facilitate long-lasting relationships.
And it was announced today that the site had experienced a data breach, which is said to have led to user IDs and email addresses being exposed.
As a result, a number of users are said to have received explicit spam emails, which included personal information like usernames.
One Guardian Soulmates user told the BBC they contacted the site in November last year, after they began receiving explicit spam messages to an email address they exclusively used for Guardian Soulmates.
Their username also apparently appeared within the emails.
The user told the BBC: “I basically had been receiving spam directly referencing information that could only have come from the Soulmates database.
“It’s all information that I was happy to put online at one point anyway, but when it’s used outside of context like that it does feel a lot more creepy.”
The user is said to have received an email from Guardian Soulmates last month, confirming the breach.
A spokesperson for the site has explained that the breach was due to “human error” and said a third party technology provider was to blame for the incident, and the issued had now been fixed.
Guardian Soulmates said that although only user IDs and email addresses were exposed, this information could be used to find members’ “publicly available online profiles”.
The Guardian Soulmates spokesperson said: “We can confirm we have received 27 enquiries from our members which show evidence of their email addresses used for their Soulmates account having been exposed.
“Our ongoing investigations point to a human error by one of our third-party technology providers, which led to an exposure of an extract of data.”
In response to news of the breach, a spokesperson for the Information Commissioner’s Office told the BBC it was: “Aware of a potential incident involving Guardian Soulmates and will be looking into the details.
“The law requires all organisations handling personal data to take appropriate measures to keep that information secure.
“As the regulator, it’s our job to act on behalf of the UK public to see whether that’s happened.”
To find out more please click here.