Hack in the online dating worldA spate of recent hacks has exposed millions of passwords and email addresses. One organisation has even gone so far as to tell its members that at some point their cyber defences will be breached. The hacks also expose some serious passwords blunders and reveal that many people still don’t understand the need for strong passwords.

 

 

Some of you may recall the recent blog about the Adobe hack (see details here and here) in which millions of accounts were hacked. It turns out that Cupid Media, an online dating agency, which used the same server as Adobe was also hacked. Up to 42 million unencrypted names, dates of birth, email addresses and passwords have been stolen by hackers.

Cupid Media runs 35 niche dating sites such as UkraineDate.com, MilitaryCupid.com and IranianSinglesConnection.com. It was hacked back in January but only recently admitted to the breach after it was exposed by Brian Krebs, a well known security researcher.

Interestingly the company never encrypted the user information it was holding, though this isn’t too unusual. Lots of companies don’t encrypt customer data because they fear it will be too expensive or too complicated.

US government and military exposed as well

However, since the hack Cupid Media has begun encrypting passwords. If the data had been encrypted in the first place the hackers would have only discovered scrambled data, which is of no use to them.

It’s also interesting to note that more than 11,000 of the hacked accounts used a US military email address to register, and around 10,000 had registered using a US government address. Interesting indeed – for a certain type of hacker.

Institute warns its 140, 000 members : “You will be hacked”

Hacking is almost a daily occurrence and it seems to be a question of not ‘if’ but ‘when’ a company will be hacked. The Institute of Chartered Accountants England and Wales (ICAEW) has just admitted as much.

The ICAEW ranks more than 140,000 chartered accountant members and in a recently released report pretty much admits that some degree of security breach is unavoidable, and it’s actually part of doing business in a digital world.

Password blunders

But back to the Cupid Media hack. Of the leaked passwords, almost two million picked ‘123456’, and over 1.2 million chose ‘111111’. ‘iloveyou’ and ‘lovely’.

Password’ and ‘qwerty’ were quite common with around 40,000 using these predictable passwords, while 20,000 went for ‘zxcvbnm’ at the bottom of the keyboard.

The danger of using predictable passwords was spelt out only a few days ago.  A web-hosting development site for techie types, GitHub, was hit with a password hack attack.

The method was known as a ‘brute-force’ attack which means the attackers used automated software that identifies commonly used or easily guessed passwords. This is fairly common but the scale of the attack wasn’t. It was launched from 40,000 IP addresses. GitHub had to engage in a massive password reset exercise.

Online identity theft protection

It can be a bit of nightmare trying to establish different passwords for different things, there are often simply too many to remember.  Most people use one password for multiple sites.  It makes sense though to at least create a password that is difficult to detect by including letters, numbers, symbols and a mixture of upper case and lower case.

What’s in a password you might ask? Well, give a hacker a password and email address and you might as well give the keys of your house to a burglar.

It always pays to protect yourself and BullGuard Identity Protection offers high levels of online identity theft protection including password safeguards. If your details are hacked and they appear somewhere on the web, most likely the deep web, you’ll receive immediate alerts so you can take remedial action.

avatarWritten by Steve Bell (82 Posts)

Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.


4 thoughts on “Hack in the online dating world: millions of passwords and email addresses exposed

  1. avatarLyndon

    I was recommended this web site by my cousin. I am not sure whether this
    post is written by him as nobody else know such detailed about my problem.
    Yoou are amazing! Thanks!

    Reply
  2. avatarkrista_melbourne

    Great post. I was checking constantly this blog and I’m inspired!
    Extremely useful info particularly the remaining phase :
    ) I care for such info much. I used tto be seeking thiis particular information for a long time.
    Thanks and best of luck.

    Reply
  3. avatarTandy

    When some one searches for his necessary thing, thus he/she needs to be available that in detail, so that thiing is maintained over here.

    Reply
  4. avatarwebsite reviews

    I like the valuable info you provide in ylur articles.
    I’ll bookmark your weblog annd check again here regularly.
    I’m quite certain I’ll learn many new stuff
    right here! Good luck for the next!

    Reply

Leave a Reply

Your email address will not be published.


*