- ‘MeetMindful’ had a data breach that resulted in a leak that’s deluging hacker forums right now.
- The exposure is severe, including real names, email addresses, home addresses, marital status, and Facebook IDs.
- The platform was already having serious trouble convincing its userbase to stay aboard, so this may be the final act for them.
‘MeetMindful,’ a popular dating app that attempts to make matches between people who share the same values and views, had a data breach incident that went unnoticed or simply undisclosed. Now, the products of it are leaking online.
This is always a catastrophe for the exposed individuals, as dating apps are often used by people who are married or in a relationship. Having their real names exposed like that creates first-class blackmailing opportunities for malicious individuals.
The pack that is being shared for free is 1.2 GB in size and contains 2.28 million records with the following extremely sensitive details:
- Real names
- Email addresses
- City, state, and ZIP details
- Body details
- Dating preferences
- Marital status
- Birth dates
- Latitude and longitude
- IP addresses
- Bcrypt-hashed account passwords
- Facebook user IDs
- Facebook authentication tokens
ZDNet has taken a closer look at the data and confirms that it appears valid and that tracing back the exposed dating profiles to real identities is pretty trivial. Already, thousands of actors are downloading the dataset and possibly engaging in extortion against MeetMindful users. Still, the platform has so far failed to issue an official statement on the events. It is safe to suggest that the exposed users have not received a notification about this breach either.
The app has a review score of only 1.8 stars on the Google Play store, with users complaining about being too buggy, having a relatively small community, too many limitations in place, glitches in content uploading, poor customer service experience, and substantial fears for the presence of many fake/bot profiles. Now that such a catastrophic data breach is added to the mix, we guess that it’ll be next to impossible for MeetMindful to continue.
If you are among the app’s users and worried about your private life, we would suggest that you begin by resetting your passwords wherever you may be using the same credentials and keep an eye for scam emails, SMS, or letters that arrive via post. If someone tries to blackmail you, don’t hesitate to report it to the police immediately. Giving in to threats won’t guarantee absolution. On the contrary, they will give actors a perfect reason to continue indefinitely.