2.3 million hit by dating site data breach: What to do
2.3 million hit by dating site data breach: What to practice
If you've got an account on the health-themed dating service MeetMindful, amend modify your password and log out of Facebook.
That's because malicious data thieves have dumped the details of ii.3 million MeetMindful accounts into an online hacker forum where anyone can grab the 1.2GB database for gratis.
- Data alienation at Bonobos hits seven one thousand thousand customers: What to practice
- The all-time password managers to keep your accounts safe
- Plus: Netflix just got a killer audio upgrade for Android users
The now-public user data includes real names, email addresses, street addresses, relationship status, gender, potential-partner preferences, and location by latitude and longitude, according to a ZDNet written report.
"Birthdays" is also amid the leaked fields, but it wasn't clear whether that includes the yr of birth, or just the month and day, which would create less risk of identity theft.
Also leaked were Facebook IDs and session tokens, which let Facebook users stay logged in for a long time. The session tokens might let anyone with that information temporarily log into Facebook accounts, although business relationship hijacking would not be possible without the actual Facebook passwords.
To make sure no one can go into your Facebook business relationship using stolen session tokens, log out of Facebook on all your devices, then log back in.
Harshing our mellow
MeetMindful, which is apparently based in Denver, has been around since 2013. Gizmodo noticed that the dating service's Facebook, Twitter and Instagram accounts had not seen whatever new posts since April 2020, leading to speculation that the service might be in some sort of tech limbo. Too, the service'south Android and iOS apps haven't been updated since the winter of 2020.
Just MeetMindful was alive enough to mail a security advisory, final updated yesterday (January. 24), about this information breach.
"Nosotros are deeply sad that this has happened," the MeetMindful security mail begins, emphasizing the "deeply."
"This incident applies to users who signed up for MeetMindful prior to March 2020. Users who started an business relationship afterward March 2020, or have updated their account details since March 2020 have non been afflicted."
The good news: "No passwords, photos, conversations, matches, credit menu data, or other fiscal data was accessed."
"We accept reached out to all likely affected users," the MeetMindful post says. "If you accept not received an email from the states, directly, you lot are not afflicted by this incident."
Most passwords probably rubber, just change them anyhow
The stored MeetMindful account passwords were encrypted using Bcrypt, one of the strongest one-way-hash algorithms available. Nonetheless, you should change your MeetMindful password anyway, merely to be certain. The service encourages all users to do that here.
Brand sure the countersign is long and stiff, and don't reuse the password on any other business relationship. If you lot used the same password elsewhere, change it on those accounts also, and make sure the new passwords are all unique. Using one of the all-time password managers will go a long way toward keeping your online accounts safe and secure.
The data was dumped by a malicious hacker or grouping of hackers called ShinyHunters — notorious for stealing so publicizing user data from online services. This past Fri, ShinyHunters dumped data belonging to at least 7 meg customers of U.Southward. menswear retailer Bonobos.
Source: https://www.tomsguide.com/news/meetmindful-dating-app-data-breach
Posted by: jarrettsearpon.blogspot.com
0 Response to "2.3 million hit by dating site data breach: What to do"
Post a Comment