US dating site MeetMindful database leaks: 2.28 million users affected
The dating sites will require users to fill in detailed information when users register, but if such sites have database leakage problems, the consequences will be disastrous.
At present, the United States dating site MeetMindful was found to have a database leak. The site learned that the database was stolen when hackers sold data on underground forums.
As a dating website, this website requires users to fill in detailed information as data judgments. The information collected by this website includes but is not limited to the user’s real name, email address, home address, physical details, dating preferences, marital status, birthday, etc.
There is also location information collected when users use the website, stored in latitude and longitude, network address, account password encrypted by hash, and Facebook account token.
Researchers broke the news that the database of this dating site had already been dragged down, and then hackers posted part of the data in underground forums for testing and then looked for buyers.
But the website didn’t seem to know about this until the researchers notified it, and even so, the website has still not released any official response.
From the data obtained by the researchers, it can be seen that the user information of this website is basically leaked. For example, the information we listed above is in the database.
The inspection found that the database size is 1.2GB and the format is a database dump file, which means that hackers may secretly attack the website and download the data.
In the absence of necessary security guarantees and daily security inspections, the website does not seem to have found any abnormalities, because such things should be announced immediately if this happens according to regulations. It is worth noting that the researcher also contacted the website via email, but still did not get any reply.
When providing your own real data, you must consider what you can do if the data is leaked. If you feel that there is no way, it is best not to provide detailed data.
Via: ZDNet