Muslim Match dating site hacked. Private messages and profiles posted online

Joseph Cox at Motherboard reports:

Specialty dating site "Muslim Match" has been hacked. Nearly 150,000 user credentials and profiles have been posted online, as well as over half a million private messages between users.

Launched in 2000, Muslim Match is a free-to-use site for people looking for companionship or marriage. "Single, Divorced, Widowed, Married Muslims :: Coming together to share ideas, thoughts and find a suitable marriage partner," the site's Facebook profile reads.

...

One file also contains around 790,000 private messages sent between users, which deal with everything from religious discussion and small talk to marriage proposals.

Using information within the dataset, Motherboard was able to link private messages with specific users. By cross-referencing the different files, it was possible to find out the username of the person who sent the message, as well as their logged IP address and poorly-hashed, MD5 password. Some of the messages also include extra information, such as Skype handles, which users have exchanged.

By all accounts, Muslim Match dropped the ball when it came to properly securing its systems and its users' data.

It's easy to imagine how this information could be abused if it fell into the wrong hands... :(

Tags: , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, ,

No comments yet.

Leave a Reply