Details of more than 2.28 million users of the MeetMindful website have been released online for the latest in a series of stolen data blocks.
The stolen data includes real names, email addresses, address information, body details, date preferences, marriage status, birth data, location data, IP addresses, passwords with Bcrypt hasc, Facebook user IDs and Facebook authentication tokens. The introduction of Facebook authentication tokens is particularly special because it could access MeetMindful members ’Facebook accounts in the database.
MeetMindful has not publicly dealt with either the theft of user data or their online publication.
ZDNet released the news today, stating only that the data was released by a “well-known hacker” as a “free download on a publicly accessible hockey forum known for trading there. the locked databases. SiliconANGLE can confirm that the data in question was released by ShinyHunters January 20 and was the Raid Forums forum, a popular internet forum used by hackers that is easy to find through Google search.
ShinyHunters has been a bit busy lately. It was reported last week that they had unveiled 1.9 million stolen user records from the free online photo editing service Pixlr as part of a slow release of data from various sites. Researchers at cybersecurity information company Kela Research and Strategy Ltd. data stolen on Raid Forums from Wongnai Media Co. Ltd., Tuned Global Pty. Ltd., Buyucoin, Wappalyzer, Teespring Inc. and Bonobos.com.
It is not known how the data was stolen from MeetMindful, but ShinyHunters is particularly keen to retrieve data from Amazon Web Services Inc.’s malformed databases. and S3 buckets.
“Improperly secured AWS S3 buckets are one of the leading causes of data breaches due to malformation,” Pravin Rasiah, vice president of product at cloud management platform company CloudSphere, told SiliconANGLE . “The chances of leaving the S3 bucket open are too high, as inexperienced users can simply select the ‘all users’ access option, making the bucket accessible to the public. By leaving these S3 buckets open and open they are inviting hackers to take advantage of the personal data that their customers are giving to companies. ”
To prevent such incidents, Rasiah said, “awareness within the cloud environment is essential. Businesses should invest in a cloud management platform that provides a complete, real-time view of the cloud landscape to experience anomalies while ensuring that secure data. ”
Image: Raid Forums
Since you are here …
Show your support for our mission with the one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will recommend relevant content and emerging technology content to you. Thank you very much!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We would also like to tell you about our mission and how you can help us achieve it. SiliconANGLE Media Inc.’s business model. based on the intrinsic value of the content, not advertising. Unlike many online publications, we do not have a pay wall or run banner advertising, as we want to keep our journalism open, with no impact or the need to follow traffic.News, reporting and commentary on SiliconANGLE – along with live, unwritten video from our Silicon Valley studio and global video teams at theCUBE – take a lot of hard work, time and money. Maintaining the high quality requires sponsorship support that is in line with our vision of ad-free journalism content.
If you like the commentary, video interviews and other ad-free content here, please take a moment to view a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.