2.28M MeetMindful Daters Compromised in Data Breach

  • The ShinyHunters hacking group is offering a raft of information, from location and contact information to dating preferences and physical descriptions, as a free download.

    More than 2.28 million users of the online dating site MeetMindful have reportedly been caught up in a wide-ranging data breach that exposes everything from Facebook tokens to physical characteristics.

    The ShinyHunters hacking group has stolen and published the personally identifiable information (PII) of MeetMindful users, according to a report from ZDNet. The data has been made available as a free download on a “publicly accessible hacking forum known for its trade in hacked databases,” according to a security researcher speaking anonymously to the outlet.

    In total, the data makes up a 1.2 GB file, which has 1,500 views in the public forum. How many times it has been downloaded is unknown.

    MeetMindful combines a dating platform with a focus on wellness, life-coach articles, “intentional living” tips and musings on spirituality.

    The file collects the information that MeetMindful users provided when they registered to use the service and set up their profiles. As a result, it includes names; emails; city, state and ZIP codes; dating preferences; birth dates; marital status; IP addresses; and Bcrypt-protected account passwords, according to the researcher’s findings. However, other potentially more sensitive information is also included for some users, like dating preferences; “body details”; and even latitude and longitude. To boot, Facebook user IDs and authentication tokens are part of the harvest as well.

    Threatpost reached out to MeetMindful for confirmation and comment, but has received no response as of press time.

    Many Attacks Possible

    Security researchers noted that dating apps in particular represent a very attractive target for cybercriminals.

    “Cyberattackers are increasingly targeting individuals on dating platforms across both mobile and desktop,” Hank Schless, senior manager of Security Solutions at Lookout, told Threatpost. “They’re doing this because these apps are a treasure trove of personal data that require lots of device permissions such as location, access to the camera and access to contacts in order to work.”

    This particular breach comes on the tail of Interpol’s warning of financial scams being carried out in dating apps, he noted.

    “Each of these incidents shows that there is no one way that attackers seek to attack dating app users,” he said. “Both app developers and users need to be wary of the risks involved with trusting so much personal data to mobile apps. App developers need to embed security into their mobile apps and keep their infrastructure security up to date as malicious tactics evolve. App users should be careful about how they interact with people on dating apps and have a mobile security app installed that keeps them safe. Social engineering is a common tactic to phish users, get them to share personal information, or convince them to download a malicious app.”

    There is also a sextortion trend of leveraging sexual preferences and other highly personal information found in dating platforms against the user.

    “Attackers recognize that people may be willing to pay a high price to keep these personal details from being widely distributed,” Schless said. “Lookout recently discovered a sextortion campaign called Goontact that targeted users of illicit sites, typically offering escort services, to steal personal data from their mobile phone.”

    Dirk Schrader, global vice president at New Net Technologies (NNT), noted that a number of attacks are possible using this level of information.

    “This combination of data points included in the data is nothing less than toxic. The simplest of approaches is to set up some filters in the data, such as marital status, and try some extortion on the results using email,” he told Threatpost. “A more sinister one is to use the different data points to lure people into phishing attempts at their workplace. However, as Big Data is not unknown to hackers, it will require just a little more research about the Facebook accounts and email addresses.”

    ShinyHunters Strikes Again

    The site’s data was released by a well-known steal-and-leak actor known as ShinyHunters. The group made a splash last May, allegedly compromising 73.2 million user records from more than 11 companies worldwide, including online delivery services like Homechef, photo-print service ChatBooks, and Chronicle.com, a news source for higher education.

    The biggest ShinyHunters heist involved stealing log-in data for 91 million users of Indonesia’s largest e-commerce platform, Tokopedia, and then selling it on the dark web for $5,000.

    The group also claimed last year that it broke into Microsoft’s GitHub account and stole 500 GB of data from the tech giant’s own private repositories on the developer platform.

    Last week, the group leaked details of 12.8 million users of Teespring, a web portal that lets users create and sell custom-printed apparel. They offered the data for free, in what researchers said was a likely sabotage of another data broker’s deal.

    Cloud Environments in Hacker Crosshairs

    It’s unclear how ShinyHunters were able to access the site’s data, but cybersecurity expert and CTO of Cymulate Avihai Ben-Yossef suspects a cloud misconfiguration.

    “The attacker ShinyHunters…has a penchant for going after cloud-first companies — those who put their infrastructure in the cloud from the outset,” he said via email. “There is much to be done to shore up cloud hygiene – multifactor authentication, good certificate and identity store management, better configuration and account control, better segmentation of the workloads, etc. along with continuous security assessment.”

    Schrader noted, “Little seems to be known about the attack itself, but it should not come as a surprise if they missed out on all basic security control about vulnerabilities, patching, change control and File Integrity Monitoring.”
