Mingle2 was created by 2 singles passionate about creating a new “online dating” culture.
In what must rate as one of the worst password security breaches ever, it has been discovered that the names, addresses, dates of birth and unencrypted passwords of over 40 million online daters have been stolen by hackers.
The company’s Web site and Twitter feed state that Cupid Media has more than 30 million customers around the globe.
Unfortunately, many companies have a habit of storing data on customers who are no longer active.
It has since been discovered on a web server, alongside data stolen in other hacks, including a recent attack against Adobe.
Cupid Media is a firm based in Queensland, Australia, that runs a wide variety of niche dating websites including Asian Dating.com, Christian Cupid.com, Single Parent Love.com, Gay Cupid.com, and Thai Love amongst many others.
“We are currently in the process of double-checking that all affected accounts have had their passwords reset and have received an email notification.” as listed in the purloined directory, he suggested I might have “illegally accessed” some of the company’s member accounts.
He also noted that “a large portion of the records located in the affected table related to old, inactive or deleted accounts.” “The number of active members affected by this event is considerably less than the 42 million that you have previously quoted,” Bolton said.
Andrew Bolton told Brian Krebs: "In January we detected suspicious activity on our network and based upon the information that we had available at the time, we took what we believed to be appropriate actions to notify affected customers and reset passwords for a particular group of user accounts. However, what is very clear is that many of the passwords exposed in this latest security breach are woefully bad choices by Cupid Media's users.
We are currently in the process of double-checking that all affected accounts have had their passwords reset and have received an email notification." What's alarming is that there doesn't appear to have been any media reports confirming that a security incident involving customer data occurred at Cupid Media in January 2013. Here is a list of the ten most commonly used passwords, according to the Cupid Media customer database seen by Brian Krebs: These passwords would be abysmal choices if the websites had been storing them in a secure, encrypted format.