Yet another dating site has suffered a serious data breach
Manhunt alerts authorities, but lacks crucial details
Gay dating app Manhunt has confirmed that a hacker gained access to its accounts database earlier this year.
Manhunt, which claims to have six million members, has confirmed it was hit by a data breach in February, in a notice filed with the Washington attorney general’s office.
The breach is the latest in a long string of attacks on dating sites that are an attractive target for malicious users since they often hold some of the most sensitive information about their users.
We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.
- We’ve also rounded up the best business password managers
- And these are the best password generators
- Secure your credentials with one of the best security keys
The company says that the breach gave the hacker access to a database that stored account credentials for Manhunt users. The attacker capitalized on the access and downloaded the usernames, email addresses and passwords - although Manhunt says it doesn’t store any payment details.
Little details
While the Manhunt notice acknowledged that more than 7700 Washington state residents were affected by the breach, the company didn’t mention what percentage of its users had their data stolen.
However, an attorney representing the company told TechCrunch that the breach impacted 11% of Manhunt users.
The notice is missing several other critical details as well. For instance, it doesn’t share any details about the circumstances that lead to the data breach, and the steps the company has taken to ensure such an incident doesn’t reoccur.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The notice also fails to mention whether the leaked passwords were encrypted or not. They do note that once they became aware of the breach, they forced-reset the password of the affected users.
- Shield yourself with these best identity theft protection services
Via: TechCrunch
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.