ShinyHunters Hackers Dump Sensitive User Info Online in MeetMindful Data Breach
Note: We are reader supported and may earn a small commission when you click on links in posts
About 2.3 million users of dating site MeetMindful have been exposed in a massive data breach. ShinyHunters hacking group posted the tranche of stolen data online.
Cybercriminals were able to compromise An unpatched security vulnerability in a database containing sensitive customer information.
The stolen data from the MeetMindful data breach can be downloaded for free from a public forum used by hackers.
If you have a MeetMindful account, immediately change your password and consider using a password manager to create strong, complex passwords.
MeetMindful Dating Site
MeetMindful is an online dating site and app. Users set up profiles to connect with others who are interested in mindful and spiritual living. The dating site offers free and paid accounts.
The company confirmed the breach and posted details on their website.
The MeetMindful data breach only impacts users who opened accounts before March 2020. So, if you started looking for love during the pandemic then unfortunately you may been hacked. Sorry.
Last week adult streaming site, MyFreeCams was also breached. Customer data was stolen from two million paying customers and models. That stolen data was posted for sale online.
Compromised personal details includes:
- Real names
- Email address
- ZIP codes
- Dating preferences
- Birth dates
- Marital status
- IP addresses
- Account passwords
- Account creation
- IP address
Stolen account passwords are encrypted.
For some MeetMindful customers, additional information has been hacked
- Dating preferences
- Body details
- Latitude and longitude
- Facebook user IDs and Facebook authentication tokens
No passwords, photos, conversations, matches, credit card data, or other financial information was compromised.
According to the announcement from MeetMindful and ZDNet, the 1.2GB of customer data was posted online along with data stolen from the Teespring.com and Bonobos data breaches.
MeetMindful States that it has already contacted all users who are affected by the data breach.
MeetMindful Data Breach – What Do I Do Next?
Cybercriminals often use personal information stolen in data breaches to launch future cyberattacks and phishing campaigns against potential victims.
Scam emails known as sextortion scams are used to scare victims into thinking that their personal details will be exposed to family and coworkers unless they pay a certain amount of hush money. The fraudsters often use a portion of the stolen personal information, like a real phone number or email address, to convince the victim that they have more embarrassing information about them.
For example, a cybercriminal might email a victim a note saying they will release embarrassing webcam videos of them watching adult content to mine. the body of the email may contain their first name phone number or even one of their account passwords. This is done to add credibility to the claim. The cybercriminal often threatens that they will send the embarrassing webcam photos or videos and send them to the victim’s family, friends, and coworkers unless a fee is paid.
Sextortion may be used against customers of dating websites and adult websites. It is even sent to victims who have nothing to do with any kind of adult content. Nonetheless, they are usually scared by the thought of losing their job or feeling embarrassed in front of loved ones.