Guardian Soulmates website hacked as dating data breached
Third-party tech provider gets the blame
The Guardian’s online dating website has suffered some manner of data breach, with user information getting spilled and subsequently used in targeted spam emails of a sexually explicit nature.
Users of the Guardian Soulmates website have reportedly received spam messages which include details drawn from their site profiles, and according to one user who spoke to the BBC, the emails “directly [referenced] information that could only have come from the Soulmates database”.
Apparently, said user – who is employed in the IT arena – contacted The Guardian newspaper regarding the incident last November, and received a reply confirming the data leak late last month.
A spokeswoman for the Soulmates site told the Beeb that only email addresses and user IDs had actually been exposed, but that this information allowed malicious parties to dig up further details on members by finding and combing through their online profiles (which are public).
The data was leaked thanks to ‘human error’, the publisher of the newspaper noted, and it wasn’t the fault of a Guardian employee, but rather a third-party technology provider.
No more details were supplied about the source of the data spillage, but The Guardian confirmed that the problem no longer exists, as you would hope.
Privacy priorities
Soulmates is a dating service that folks can sign up for worldwide, and one of its selling points is privacy and moderation policies that ‘mean you and your data are safe’. Not so much in this case.
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
The Guardian has apologized to anyone affected – apparently the site has received 27 messages from users who have had their email addresses exposed, but there may be considerably more folks hit (or who will be hit) by the issue – and said that it was reviewing its use of third-party suppliers.
The sad truth is that data breaches are far from a surprise these days, with one coming after another without much batting of eyelids involved anymore. Last month we witnessed a huge breach at Wonga (a payday loan outfit) in the UK which affected almost a quarter of a million customers.
You can certainly take steps to guard your personal data against hackers to some extent, but if you’re using services on the internet, then there’s not much you can do if their security – or a related third-party working with the firm – is lax.
- It’s always worth ensuring you’re running the best antivirus software
Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).