The personal data of around 1.1 million people could
be sold off on the black market after it was revealed that the dating website
BeautifulPeople.com had experienced a data breach. The company describes its
service as “online dating for beautiful people only”, as aspiring members must
first win approval from the app’s accepted users before being paired up with
like-minded individuals.
The leaked private information could include
member’s names, addresses, sexual preference, relationship status, phone
numbers, email addresses and even private messages. The sensitive nature of the
attack is reminiscent of last year’s disastrous Ashley Madison breach, although on a
smaller scale than the 37 million users who were affected last summer.
According to a report by Wired, the flaw was first discovered
last December when security researcher Chris Vickery found the
information via the database management software MongoDB. Although Mr. Vickery
informed Beautiful People that its database was exposed, the information was
apparently taken from the database by one or more unknown parties before the
company had a chance to make it private.
Beautiful People has described the database
containing the information as a “test server”, although it will make little
difference to the victims which could include anyone who signed up to the site
before mid-July 2015.
Mr. Vickery told Forbes, which originally reported
this story, that the database he’d obtained contained over 15 million messages between users. The company has said
that all victims were notified of the incident in December, and
will be contacted again in light of this latest development.
This incident serves as another reminder to be
extra careful when handing over sensitive details. Good looks may get you a
long way in life, but they won’t help protect you against cybercriminals.