Following on from the several big recent hacking scandals where million of users’ personal details have been compromised, Guardian Soulmates – a dating service provided by The Guardian newspaper – are the latest victim of a cyber-hack.
Users of the dating website reportedly received sexually explicit emails following on from the hack. Soulmates usernames and email addresses were exposed by an unknown third-party service provider, according to Guardian News and Media (GNM).
According to the dating website provider, the problem has now been fixed.
However, during the glitch it was possible for hackers to find the profiles of Soulmates’ members online, which included their usernames and emails. The Guardian have confirmed that other personal information like dates of birth or financial information were not exposed in the breach.
As the information was made public for a period of time, details such as a photos, relationship preferences, and physical descriptions could be potentially accessed. Many see dating and relationship preferences as a private matter, and it can be embarrassing, to say the least, for your private and sensitive information to be leaked online for anyone to find.
Spam email
Users said they received spam messages which included details plucked from their dating profiles. According to one user, who chose to remain anonymous, they “basically had been receiving spam […] directly referencing information that could only have come from the Soulmates database… it’s all information that I was happy to put online at one point anyway, but when it’s used outside of context like that it does feel a lot more creepy.”
This particular user alerted Soulmates in November 2016 but only received an email confirming what had happened in late April 2017. A big mistake if this was sat on for so long. It is somewhat confusing as to why a media outlet that reports on these kinds of cyber-attacks daily seemingly failed to notify users immediately; let alone nearly 6 months later.
GNM confirmed that they received 27 inquiries from their users which evidenced that their email addresses used for their dating account had been exposed. Investigations are in full swing, which currently points to human error from one of their third-party providers, as a source of the breach. Unfortunately, this then led to the exposure of their data.
Apology
GNM has issued an apology to victims of the breach and has encouraged Soulmates members to contact their dedicated support team. In a statement they said:
“…we take matters of data security extremely seriously and have conducted thorough audits and are confident that no outside party breached any of these systems… we have taken appropriate measures to ensure this does not happen again.”
However, it fails to detail what these “appropriate measures” are.
ICO
The Information Commissioner’s Office ICO) are “aware of a potential incident involving Guardian Soulmates and will be looking into the details” and can issue fines and sanctions where appropriate.
A cyber-security expert, Professor Alan Woodward, pinpoints the sad reality in today’s technological world: “when we start using an online service of any nature, we put our trust in people to protect our information”.