Muslim Match dating site hacked, losing 150,000 user details

Muslim Match is the latest site to be targeted by criminals, who also posted users' messages online

The Muslim Match online dating website has been hacked, spillig 150,000 user credentials and profiles plus more than half a million private messages between users.

Security researcher Troy Hunt added the details of the users targeted to his site so its users could check whether their information had been stolen, although technologist Thomas White decided to post the full database to his site for the public to download.

"What's worrying is that Muslim Match doesn't seem to have been encrypted, which would be the most effective way to keep information free from the prying eyes of hackers," Brian Spector, CEO of MIRACL said. "And with data such as personal messages being available to the attackers, we could see a similar scenario to that of Ashley Madison, where users who sent sensitive messages are blackmailed."

The Muslim Match website was set up to help single, divorced, widowed and married Muslims help find a suitable marriage partner.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The information made available includes whether the user was a convert to Islam, their job, living and marital status, plus whether they would consider having multiple partners.

"With so many breaches in the news each week, no wonder our fundamental trust in the Internet has eroded," Spector added.

"But we don't have to give in to these weekly announcements about mass data breaches. Customers are rightly demanding to be protected when they submit their valuable personal information on the web, and online services need to respond appropriately by securing their websites and replacing the password with more rigorous authentication technologies."

Javvad Malik, security advocate at AlienVault said the size of Muslim Match may have been why it was targeted by criminals.

"Smaller and niche sites often have fewer resources to dedicate to security, it's often a case of building a product and gaining market traction before thinking of security," he said. "However, no online company is too small' or unimportant to be targeted by attackers, especially when user data is involved."

"Targeting private messages between individuals can expose embarrassing secrets in any environment, this becomes even more apparent for dating sites. The added religious and cultural taboos could make details from this particular breach even more damaging, so blackmail can be a very real possibility."

Advertisement - Article continues below

Malik added that users of any website should think about the information they share, including photos, carefully considering the impact if they are stolen.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020