UPDATED 21:26 EDT / FEBRUARY 14 2019

SECURITY

6M accounts compromised in hack of dating app Coffee Meets Bagel

Coffee Meets Bagel Inc., a San Francisco Bay Area dating app startup, has been hacked with the account details of approximately 6 million users stolen.

Notification of the data breach was sent to app users today, Valentine’s Day, with the company saying that that data from accounts may have been “acquired by an unauthorized party.”

“On February 11, 2019, we learned that an unauthorized party gained access to a partial list of user details,” the company wrote. “The affected information only includes your name and email address prior to May 2018. As a reminder, we never store any financial information or passwords.”

The hack was only discovered after data from Coffee Meets Bagel users was listed in a database of 617 million user accounts from 16 different websites found for sale on the dark web earlier in the week.Ā The discovery implies that Coffee Meets Bagel was not aware that it had been hacked before now and presumably the hack occurred last May.

Worse still, the company still apparently doesn’t know how the app was hacked either, saying that it had hired forensic security experts who are conducting audits with its third-party vendors.

Oscar Tovar, vulnerability verification specialist at WhiteHat Security Inc.,Ā said theĀ incident is just the most recent example of a vulnerable, widely used application being targeted by malicious actors. But he said businesses can minimizeĀ risks.

“Security training and education, along with IT and Ops teams partnering with security to understand and prioritize how to mitigate risk” top Tovar’s list, along with “applying patches to applications immediately ā€“ not months after they become available and making security testing a part of the entire lifecycle of an application.”

Coffee Meets Bagel is not the first dating site or app to be hacked and it most certainly won’t be the last. A report Feb. 10 claimed that OKCupid accounts had been compromised although the company denies the allegations.

In 2016 the “Beautiful People” data service was hacked, but the mother of all damaging dating service hacks remains the cheating site Ashley Madison in 2015.

Photo: Coffee Meets Bagel

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content. Ā 

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

ā€œTheCUBEĀ is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate theĀ content you create as wellā€ – Andy Jassy

THANK YOU