Data of 42 MILLION seekers for love plundered from Aussie dating site

A hack against online dating site Cupid Media that led to the exposure of the personal details and plain text passwords of 42 million consumers appears to have been pulled off by the same group of hackers who pulled off an even bigger pwnage against Adobe. Names, email addresses, unencrypted passwords and birthdays from the …

COMMENTS

This topic is closed for new posts.
  1. Chad H.

    Ummm

    How can it be 42 million dateless Aussies when the total population is only 20 odd million?

    1. Ian K

      Re: Ummm

      All those lonely sheep in the Outback?

      1. theblackhand

        Re: Ummm

        Maybe it's the sheep that realised their prospects in the outback were limited and moved to the city?

    2. Sandpit

      Re: Ummm

      I think they forgot to exclude the 41.5 million spambot accounts, which probably also accounts for the mass poor passwords.

      1. The First Dave

        Re: Ummm

        Think that is more likely to be 1.5m spam-bot accounts, and 40m "staff profiles, purely for testing purposes"

    3. jonathanb Silver badge

      Re: Ummm

      Because Cupid is full of fake profiles, even if their auditors can't find them.

    4. Velv
      Headmaster

      Re: Ummm

      Sorry to burst the bubble of humour, but a quick online check says:

      "Cupid Media is a niche online dating network with over 30 million people internationally"

      OK, so in one they say 30, and another they say 42. Critically it's the "INTERNATIONAL" part that makes the difference.

      1. Anonymous Coward

        Re: Ummm

        Yes, so we make that 41.5 million INTERNATIONAL spambot accounts.

      2. DiViDeD

        Re: Ummm

        Well Spotted. INTERNATIONAL, eh? So those numbers include Tasmania as well then.

        Got it

        ;o)

  2. Anonymous Coward
    FAIL

    Not just the users at fault

    "Facebook won plaudits from security watchers for its actions but the schemes like this can only mitigate against the problem without dealing with its root causes, lamentably awful password security practices by many netizens."

    Isn't another of the root causes that there are still organisations out there which were still, in 2013 and after all the other high profile data losses, allowing trivial passwords and storing them unencrypted as if salting and hashing were esoteric novelties? Arguably they were even more culpable than their poor dumb users since you'd expect whoever they got to build their site to be professionals who were aware of the risks and actually had a clue.

  3. Tzhx

    So, this basically says that Facebook can reverse your password? My understanding was that for 'good security', and Zuckerberg being the "elite hacker-type" the media portrays him as we shouldn't have anything less, the password hashing / salting should not be reversible.

    I like how the spell-checker in Firefox suggests 'Cocksucker' as a correction for 'Zuckerberg'. Unhappy former employee, perhaps?

    1. Lyle Dietz

      No reversal needed

      They have a plain text dump. They can take these passwords, hash them with the same salt as the FB password, and see if they get the same hash as is stored in the database. You know, like what happens whenever you log in.
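
The check described in the comment above, as an added example that is not part of the original thread or any site's real code: a defender takes the leaked email/plaintext pairs, re-hashes each leaked password with the salt stored for the matching local account, and flags accounts whose stored hash matches so they can be forced through a password reset. The record layout, the function names, the sample data and the use of PBKDF2-HMAC-SHA256 are all assumptions for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this illustration


def hash_password(password: str, salt: bytes) -> bytes:
    # Salted, slow hash; PBKDF2 stands in for whatever KDF the site really uses.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_record(password: str) -> dict:
    # What the site stores at signup: a per-user random salt and the hash only.
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}


# Constructed sample data: our own user store (no plaintext kept).
USER_DB = {
    "alice@example.com": make_record("123456"),
    "bob@example.com": make_record("correct horse battery staple"),
}

# Constructed sample data: email/plaintext pairs from a third-party dump.
LEAKED_DUMP = [
    ("Alice@Example.com", "123456"),   # same password reused on our site
    ("bob@example.com", "iloveyou"),   # account exists, password differs
    ("carol@example.com", "password"), # no account with us
]


def accounts_reusing_leaked_password(user_db: dict, leaked: list) -> list:
    """Return local accounts whose stored hash matches a leaked plaintext."""
    flagged = []
    for email, leaked_pw in leaked:
        record = user_db.get(email.lower())
        if record is None:
            continue
        # Same operation as a login attempt: hash the candidate with the
        # stored salt, then compare in constant time. Nothing is reversed.
        candidate = hash_password(leaked_pw, record["salt"])
        if hmac.compare_digest(candidate, record["hash"]):
            flagged.append(email.lower())
    return flagged


if __name__ == "__main__":
    print(accounts_reusing_leaked_password(USER_DB, LEAKED_DUMP))
```
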

  4. Version 1.0 Silver badge

    "the leaked data appears to be genuine"

    Unlike 80% of the profiles on the site.

    1. Crazy Operations Guy

      Re: "the leaked data appears to be genuine"

      I was wondering how many of the accounts were either fraudsters or prostitutes...

      Although now we have a list of email addresses and a general gauge of how computer savvy they are, so now we'll be seeing fraud on the rise (mostly the classics: soldier in Middle East needs money to call home, 'hot woman' trapped in foreign country, green-carder, etc)
