A Server Leaks Personal Details of More Than 70 Dating Sites Users

A hacker has anonymously reported to vpnmentor about a massive data leak consisting of users from more than 70 adult dating and e-commerce websites. Mailfire – an email marketing tool that was used by all these websites is responsible for this massive leak.

The hacker has discovered an unsecured Elasticsearch server which is leaking the data of dating site users. Hundreds of Thousands of users are affected due to the breach that was discovered on August 31.

The database was taken offline on September 3rd after notifying by vpnmentor.

Size of the leak

The size of the data available on the unsecured server was 882.1 GB with more than 320 million suspected data records. The data was exposed in the form of push notifications. The leaked server was a log of push notifications.

Read Also: Facebook Shared Users’ Data With Tinder And Dating Apps

Push notifications are those real-time notification messages that a website sends to users who agreed to receive such messages.

dating website data leak

According to vpnmentor, 66 million individual notification were sent in a time span of 96 hours. It is expected that the unprotected server becomes the victim of the ongoing “meow” cyberattacks campaign.

Each of the 66 million notifications contains Personally Identifiable Information (PII) of the users of the 70+ websites that were using the Mailfire services.

Read Also: 1.2 Billion Records Exposed in a Single Server; Biggest Data Leak of Decade

Leaked Sensitive Information

The leaked data contains Full Names, Age, Date of birth, gender, location of senders, Email addresses, IP addresses, and other profile related information like profile picture and description.

dating website data leak

With the leak of the Authentication token, any profile can be opened easily without the need for a password. After opening any profile, the potential attacker can see the user’s private messages and interests.

Affecting Users

The leaked server affects the users from more than 100 countries including USA, Afghanistan, France, Canada, Australia, Germany, HongKong, Japan, etc.

The leaked server has log reports of adult dating websites like Victoria Brides, WetHunt, Cum2Date, Asian Melodies, Julia Dates, Asia Charm, Betterme, etc.

dating website data leak mailfire

If you are the user of any of the websites then it is advised to contact them and know more about the actions they have taken to protect your data and it is suggested to not fill private information on such dating sites.

Leave a Reply

Your email address will not be published. Required fields are marked *

17 + three =

Do NOT follow this link or you will be banned from the site!