Data breach on Senior Dating website leaks information of 765,000 users
- Two dating sites with the same owner have suffered massive data breaches
- In total, more than 850,000 users are affected
- Victims are at risk of identity theft and are urged to take action now
A database from the matchmaking site Senior Dating was discovered on the data breach site Am I pwned? (HIBP). The database contains the personally identifiable information of 765,517 users and the site has since been completely shut down.
The compromised data breach comes from a Google-backed web development platform, Firebase.
Another dating site with the same owner, Ladies.com, suffered a similar breach, with 118,809 users exposed. The site, a lesbian dating platform, was also shut down shortly after the leak, on December 4.
Early disclosure
As a dating site for users aged 40 and over, the site included the photos, emails, geographical locations and even drinking and smoking habits.
Researchers noticed this notifications about the infringements as early as February 25 for ‘Women’ and on April 4 for ‘Senior Dating’, as the unpatched vulnerability remained for months until the breach was uploaded to HIBP in November.
A breach of this scale and severity should obviously have warranted a much more urgent and robust response, but so far the company does not appear to be offering credit monitoring services to those affected.
Criminal actors may have had access to users’ emails, passwords, locations and information, so there is a significant risk of identity theft or social engineering scams. Threat actors may have access to information that could be used against them, such as geographic locations or relationship status.
We urge all involved to closely monitor their accounts for suspicious activity and be on the lookout for scams or new online contact. We’ve created a list of the best identity theft protection software, so make sure you check it out if you think you might be affected.