SECURITY
SECURITY
SECURITY
6M accounts compromised in hack of dating app Coffee Meets Bagel
Coffee Meets Bagel Inc., a San Francisco Bay Area dating app startup, has been hacked with the account details of approximately 6 million users stolen.
Notification of the data breach was sent to app users today, Valentine’s Day, with the company saying that that data from accounts may have been “acquired by an unauthorized party.”
“On February 11, 2019, we learned that an unauthorized party gained access to a partial list of user details,” the company wrote. “The affected information only includes your name and email address prior to May 2018. As a reminder, we never store any financial information or passwords.”
Coffee Meets Bagel decides to tell users it suffered a data breach…. on Valentine’s Day. đź’” pic.twitter.com/VRNFYlvEJE
— Donie O'Sullivan (@donie) February 14, 2019
The hack was only discovered after data from Coffee Meets Bagel users was listed in a database of 617 million user accounts from 16 different websites found for sale on the dark web earlier in the week. The discovery implies that Coffee Meets Bagel was not aware that it had been hacked before now and presumably the hack occurred last May.
Worse still, the company still apparently doesn’t know how the app was hacked either, saying that it had hired forensic security experts who are conducting audits with its third-party vendors.
Oscar Tovar, vulnerability verification specialist at WhiteHat Security Inc., said the incident is just the most recent example of a vulnerable, widely used application being targeted by malicious actors. But he said businesses can minimize risks.
“Security training and education, along with IT and Ops teams partnering with security to understand and prioritize how to mitigate risk” top Tovar’s list, along with “applying patches to applications immediately – not months after they become available and making security testing a part of the entire lifecycle of an application.”
Coffee Meets Bagel is not the first dating site or app to be hacked and it most certainly won’t be the last. A report Feb. 10 claimed that OKCupid accounts had been compromised although the company denies the allegations.
In 2016 the “Beautiful People” data service was hacked, but the mother of all damaging dating service hacks remains the cheating site Ashley Madison in 2015.
Photo: Coffee Meets Bagel
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
