Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label dating app security. Show all posts
Dating Apps
Consumer Information Cyber Phishing Data Breach Data Leak data security Data Theft dating app security Dating Apps

ShinyHunters Claims Match Group Data Breach Exposing 10 Million Records

 

A new data theft has surfaced linked to ShinyHunters, which now claims it stole more than 10 million user records from Match Group, the U.S. company behind several major swipe-based dating platforms. The group has positioned the incident as another major addition to its breach history, alleging that personal data and internal materials were taken without authorization. 

According to ShinyHunters, the stolen data relates to users of Hinge, Match.com, and OkCupid, along with hundreds of internal documents. The Register reported seeing a listing on the group’s dark web leak site stating that “over 10 million lines” of data were involved. The exposure was also linked to AppsFlyer, a marketing analytics provider, which was referenced as the likely source connected to the incident. 

Match Group confirmed it is investigating what it described as a recently identified security incident, and said some user data may have been accessed. The company stated it acted quickly to terminate the unauthorized access and is continuing its investigation with external cybersecurity experts. Match Group also said there was no indication that login credentials, financial information, or private communications were accessed, and added that it believes only a limited amount of user data was affected. 

It said notifications are being issued to impacted individuals where appropriate. However, Match Group did not disclose what categories of data were accessed, how many users were impacted, or whether any ransom demand was made or paid, leaving key details about the scope and motivation unresolved. Cybernews, which reviewed samples associated with the listing, reported that the dataset appears to include customer personal data, some employee-related information, and internal corporate documents. 

The analysis also suggested the presence of Hinge subscription details, including user IDs, transaction IDs, payment amounts, and records linked to blocked installations, along with IP addresses and location-related data. In a separate post published the same week, ShinyHunters also claimed it had stolen data from Bumble. The group uploaded what it described as 30 GB of compressed files allegedly sourced from Google Drive and Slack. The claims come shortly after researchers reported that ShinyHunters targeted around 100 organizations by abusing stolen Okta single sign-on credentials. The alleged victim list included well-known SaaS and technology firms such as Atlassian, AppLovin, Canva, Epic Games, Genesys, HubSpot, Iron Mountain, RingCentral, and ZoomInfo, among others. 

Bumble has issued a statement saying that one contractor’s account had been compromised in a phishing incident. The company said the account had limited privileges but was used for brief unauthorized access to a small portion of Bumble’s network. Bumble stated its security team detected and removed the access quickly, confirmed the incident was contained, engaged external cybersecurity experts, and notified law enforcement. Bumble also emphasized that there was no access to its member database, member accounts, the Bumble app, or member direct messages or profiles.
Read more »
Technology
Apple Data Breach dating app security Technology

Apple Removes Controversial Dating Apps After Data Leak and Privacy Violations

 

Apple has removed two dating apps, Tea and TeaOnHer, from the App Store months after a major data breach exposed users’ private information. The removal comes amid continued criticism over the apps’ privacy failures and lack of effective content moderation. 

The controversy started earlier this year when 404 Media reported that Tea, described as a dating and safety app, had leaked sensitive data, including driver’s licenses and chat histories. 

The exposed information was traced to an unsecured database and later appeared on the forum 4chan. Despite the breach, the app briefly gained popularity and reached the top of the App Store charts, driven by widespread online attention. 

TechCrunch reported that Apple confirmed the removal of both apps, citing multiple violations of its App Store Review Guidelines. The company pointed to sections 1.2, 5.1.2, and 5.6, which address objectionable content, data protection, and excessive negative user feedback. 

Apple also received a large number of complaints and low ratings, including reports that personal information belonging to minors had been shared on the platforms. According to Apple, the developers were notified of the issues and given time to make improvements, but no adequate action was taken. 

The gap between the initial reports of the data leak and the eventual removal likely reflects this period of review and attempted remediation. The incident highlights ongoing challenges around privacy and user safety in dating apps, which often collect and store large amounts of personal data. 

While Apple enforces rules intended to protect users, the case raises questions about how quickly and effectively those rules are applied when serious privacy risks come to light. The removal of Tea and TeaOnHer underscores the growing scrutiny facing apps that fail to secure user information or moderate harmful content.
Read more »
Subscribe to: Comments (Atom)