AfterDawn: Tech news

Sorry niche online daters, Cupid Media got hacked and they stored your information in plain text

Written by Andre Yoskowitz (Google+) @ 20 Nov 2013 13:25

Sorry niche online daters, Cupid Media got hacked and they stored your information in plain text Cupid Media, the company behind niche online dating sites like ChristianCupid.com, was hacked earlier this year and over 42 million unencrypted names, dates of birth, emails and passwords were stolen.
The hack took place in January, and the company did not admit to it until forced to by security researcher Brian Krebs.

Krebs discovered the files on the same server where user information stolen from Adobe last month was being stored. Adobe used some low-end encryption on their data, but Cupid Media almost shockingly stored everything in plain text.

Cupid Media's managing director Andrew Bolton says that in January when the hack occurred, "we took what we believed to be appropriate actions to notify affected customers and reset passwords for a particular group of user accounts. We are currently in the process of double-checking that all affected accounts have had their passwords reset and have received an email notification."

Only active users have been notified, which Bolton says "is considerably less than the 42 million that you have previously quoted". Since the breach, the company has begun salting and hashing, an industry standard that is also easily broken but at least offers some protection.

Previous Next  
Comments have been disabled for this article.

News archive