[German]The dating platform MeetMindful was the victim of a hack in which the database with user data was copied. This user data has now been posted for download by the hacker in an underground forum.
MeetMindful.com is probably more of a niche dating site, but it was founded back in 2014. They were probably hacked and the database with user data was dumped in this attack. Catalin Cimpanu had already announced the incident on Twitter on January 24, 2020 – I haven't had the time to report it earlier.
In this ZDNet article, Cimpanu writes that the hacker had already posted the data from a database dump for free download in an underground forum last Wednesday. The 1.2 GByte dump is about 6 months old and contains the data of 2.28 million users. The dumped user data contains a lot of sensitive information about the participants. This includes:
City, state, and ZIP details
Latitude and longitude
Bcrypt-hashed account passwords
Facebook user IDs
Facebook authentication tokens
However, messages and photos that users have exchanged are probably not included. And the data of all users is also not included in the dump. Due to the encryption, it is also not possible to access the accounts via password. The database is said to have been downloaded 1,500 times already.
The danger posed by this release is the risk of users becoming victims of blackmail, where threats are made to release the data. In addition, the data is also likely to be found in phishing databases soon and misused.
Cookies helps to fund this blog: Cookie settings