Large Cache Of Badoo User Data Is Being Sold Online

Badoo

A large cache of Badoo user data has been stolen and is currently being traded online, according to new information released by LeakedSource. 

Last week, the data breach-monitoring site confirmed it had obtained data taken from the online dating site, which includes the email addresses, cracked passwords, names, and dates of birth, as well as some other unknown values.

According to the site, the stolen information contains a total of 127,343,437 records, a figure that was also confirmed by another unknown source.

In a blog post, LeakedSource said: “Badoo.com was hacked. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data.

“Badoo has not returned our request for comment on this matter but they did respond to a reporter named Joseph Cox with a denial of the breach. This reporter independently verified the breach.

“Three portions of the data were then provided to Motherboard, each containing 10,000 records, which the site used to run a validity test on 100 accounts.”

Out of the accounts tested, Motherboard found 54 to be linked to an active account on the dating site, with a further 23 saying an account had been created, but that the user had not completed registration by clicking the confirmation link sent to them.

Additionally, messages sent to a number of the email addresses linked to accounts on Badoo failed to deliver, with the site still waiting to get a response from those who’s messages were successfully sent.

Motherboard also found that the passwords within the samples were hashed with MD5.

And according to LeakedSource, almost 50,000 of the passwords in the data cache were “badoo”.

Badoo denies hack claims

Badoo has since denied the claims of a security breach, with spokesperson Joelle Hadfield telling Motherboard: “Badoo takes privacy and security extremely seriously.

“Badoo has not been hacked and our user records/accounts are secure. We monitor our security constantly, and take extreme measures to protect our user base.

“We were made aware of an alleged data breach, which upon a thorough investigation into our system, we can confirm did not take place.”

Last month, Badoo was also linked to another hack, which saw hackers steal a database containing the personal information of more than 57m people from an as-yet unknown source.

The site, alongside rival dating site Zoosk fully denied the claims, with security expert Troy Hunt later confirming the breach was clearly from neither dating site.

Check out LeakedSource’s full blog post here.