Coffee Meets Bagel dating app hack exposes private details of 6 million people

Stolen details are being traded on the dark web

Anthony Cuthbertson
Friday 15 February 2019 19:00 GMT
Details of around 6 million users of the dating app Coffee Meets Bagel were exposed in a hack
Details of around 6 million users of the dating app Coffee Meets Bagel were exposed in a hack (Getty Images/iStockphoto)

A popular dating app has become the latest victim of a major data breach after hackers exposed the details of 6 million of its users.

Hacked information of Coffee Meets Bagel users appeared in a huge cache of data that appeared on a popular dark web marketplace earlier this week. The previously undisclosed breach has since been acknowledged by the dating app.

Coffee Meets Bagel revealed details about the hack in an email to its users on Valentine's Day, explaining that members' names and email addresses had been exposed.

"We recently discovered that some data from your Coffee Meets Bagel account may have been acquired by an unauthorised party," the email stated.

"Once we became aware, we quickly took steps to determine the nature and scope of the problem... We have engaged forensic security experts to conduct a review of our systems and infrastructure."

The dating app also said it was making improvements to its security to better detect and prevent unauthorised access to its systems in the future.

Despite the relatively limited amount of information exposed by the hack, security experts warned the data breach could open up the victims to further cyber attacks.

"Although no financial information was leaked as a consequence of the breach, the success of this kind of attack opens up a number of threats for the people whose data becomes compromised," Dean Ferrando from the cyber security firm Tripwire told The Independent.

"Just recently, news broke of entire collections of email addresses and passwords being sold on the dark web, where hackers can purchase and exploit them in credential stuffing attacks and phishing campaigns."

Other cyber experts said the latest breach should serve as a reminder for people to take care online.

"This type of data breach is fairly common, and most people affected probably have lost similar information multiple times through other data breaches," said Israel Barak, chief information security officer at Cybereason.

"The most important takeaway for consumers is ensuring they understand that some level of security hygiene is needed."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in