May 16, 2020 at 7:23 pm CDT By Jonathan Marshall, FOX13Memphis.com. ARKANSAS — The COVID-19 pandemic has caused tough times for many. The Arkansas Division of Workforce Services is working to. Amid the pandemic, using trust to fight shadow IT. (Download Duong and Rizzo's paper on the BEAST attack pdf.). 'Red alert: HTTPS has been hacked,' was originally published at InfoWorld.com.
Millions of users of the dating site MeetMindful got some unpleasant news on Sunday. ZDNet reported that the hacker group ShinyHunters, the same group who leaked millions of user records for the company that listed the “Camp Auschwitz” shirts, has dumped what appears to be data from the dating site’s user database. The leak, which was confirmed by the company, purportedly contains the sensitive information of more than 2.28 million of the site’s registered users.
According to ZDNet, the 1.2 gigabyte file was shared as a free download “on a publicly accessible hacking forum known for its trade in hacked databases.” The company said the leaked information included first names, and in some cases last names; emails; encrypted passwords and other credentials, which it said were not able to be accessed; basic account details including city, state, date of the account’s creation and last active dates; some birthdays; and email and other notification preferences.
MeetMindful stated that no passwords, photos, conversations, matches, credit card data, or other financial information was leaked. It added that no personal information relating to matches, such as messages, photos, favorites, or user views, was released.
The outlet, which included screenshots of the file posted to the hacker forum as well as a small sample of the data exposed, highlights that not all the leaked accounts include the user’s full details. Nonetheless, it stated that the information leaked could be used to link individuals’ dating profiles to their real-world identities. The hacking forum where the data was posted has been viewed more than 1,500 times. Per the outlet, it is still available for download.
ZDNet said it was informed of the leak by a security researcher, who it did not name, earlier this week. It added that it had contacted MeetMindful on Thursday to ask for a comment on the matter but had not received a response for days.
Gizmodo got in touch with MeetMindful on Sunday and was pointed to an article by co-owner Keith Gruen on the company’s response. Gruen said that a “well-known hacker” posted user information from several companies on Jan. 20, including MeetMindful, and apologized for the breach.
“We are deeply sorry that this has happened, and want to be as candid and transparent as possible about what occurred, who was affected, and how we’re moving forward,” Gruen wrote.
Gruen said the hacker exploited a now-closed vulnerability in its system and was thus able to export an outdated version of a list of basic user information. The breach affected users who signed up for MeetMindful before March 2020, the company explained. Users who created an account after March 2020 or have updated their account details since March 2020 were not affected.
The company stated that it had brought brought in “additional development resources to ensure future safety.” It also said that he had reached out to all likely affected users and was actively reviewing its systems and procedures to ensure that this didn’t happen again.
“We have increased our level of security on all servers and within our application. This may result in slow access times or firewall checks for some user,” Gruen said.
According to its Crunchbase profile, MeetMindful is a dating site platform for “people who are into health, well-being, and mindfulness.” It was founded in 2013, is based in Denver, Colorado, and is still active.
Here’s where it starts to get a little strange, though. The site’s listedsocialmedia channels have been inactive for months, which is interesting considering that major dating apps have been growing during the pandemic. I mean, don’t they want to encourage their users to date (safely)? From the outside, the service seems like dead zone. Who knows though, it could be all the rage inside the site itself.
In the company’s post, Gruen did not comment on the amount of users affected by the hack. He advised users to reset their passwords to add additional security to their accounts and not to respond if they get a text or email asking for their account numbers or passwords. MeetMindful will never ask users to share personal information in an email or text, Gruen said.
Pandemic 2 Hacked Download
[ZDNet]
Pandemic 2 Hacked Download Pc
Update 1/25/2021, 9:40 a.m. ET: This post has been updated with additional information from MeetMindful.