BeautifulPeople.com hacked and personal details leaked

Information including sexual orientation & relationship status taken from the elite dating website

Internet dating

Less than a year after the Ashley Madison debacle, another dating site has been subject to a hack with the personal details of 1.1 million users leaked on the internet.

The data from elite dating website BeautifulPeople.com includes private information such as sexual orientation, relationship status, income and address, as well as 15 million private messages sent between users. Other information being sold online includes weight, height, job, education, body type, eye and hair colour, email address and mobile phone number.

The stolen databasealso contained users' passwords, although this information was encrypted.

According toForbes, the leak was first revealed to the website in December 2015 by a security researcher Chris Vickery. At this point, BeautifulPeople.com said the information was from a test server and the security hole was quickly closed. However, it has now come to light that the information stolen was the personal information of the site's real users.

Advertisement
Advertisement - Article continues below

One person who obtained the database is Troy Hunt, an Australian security expert who runs leak website HaveIBeenPwned.com. He told Forbes he couldn't predict how much this data was being sold for or how it was being used. However, he was able to verify with BeautifulPeople.com that the user data was real personal details and they could be used to attempt to reset passwords, for example.

"We're looking at in excess of 100 individual data attributes per person," Hunt told Forbes. "Everything you'd expect from a site of this nature is in there."

A statement by BeautifulPeople.com said: "We can confirm we were notified of a breach on December 24th of 2015 of one of our MongoDB test servers. This was a staging server and not part of our production data base. The staging server was immediately shut down."

The company said it had told its users about the breach and confirmed passwords were encrypted and financial details were not included in the information originally leaked.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Recommended

Visit/security/ddos/28039/how-to-protect-against-a-ddos-attack
Security

How to protect against a DDoS attack

25 Oct 2019
Visit/data-breaches/29418/equifax-data-breach-cost-14-billion-so-far/page/0/1
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019
Visit/data-breaches/29418/equifax-data-breach-cost-14-billion-so-far
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019
Visit/data-breaches/29418/equifax-data-breach-cost-14-billion-so-far/page/0/2
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/cloud/amazon-web-services-aws/354223/what-to-expect-from-aws-reinvent-2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019