ShinyHunters Group Claim Breach of Match Group, Leaks Data
Learn More
Match Group, the operator of popular online dating services is investigating a cyberattack that breached the systems used by Hinge, Tinder, OkCupid, and Match.com.
The ShinyHunters group claimed the attack and leaked 1.7 GB of files. The hackers claim they have 10 million user records.
The attackers used voice phishing to steal login details and set up a fake login page at matchinternal.com to persiade employees into giving up their Okta accounts. This gave the hackers entry to the company's Google Drive, Dropbox, and a marketing tool called AppsFlyer.
The stolen files include internal company documents and app usage data used. The exposed data includes:
- User IDs and phone numbers
- IP addresses and approximate locations
- Dating profile bios and match logs
- Transaction details for premium features
- Internal corporate emails and contracts
The number of affected individuals is not disclosed. Match Group claims the hackers did not get passwords, bank details, or private chats.
The company is working with outside experts to investigate the incident. A Match spokesperson said, "We are aware of claims being made online related to a recently identified security incident. Match Group takes the safety and security of our users seriously and acted quickly to terminate the unauthorized access. We continue to investigate with the assistance of external cybersecurity experts."
