News of an OkCupid data breach has been denied by the company, although a “bug” has reportedly been found by a security firm anyway.
Some users reportedly complained of their accounts being hacked and taken over. As a result of a lack of additional security, like two-factor authentication – a lack of security apparently common in the dating site industry – some users were successfully targeted by criminals.
However, OkCupid denies that a security breach has taken place. That being said, a “bug” was reportedly identified by security researchers and has apparently been fixed.
About the OkCupid data breach incidents
The reported OkCupid data breach incidents surround account takeover. Accounts have apparently been hacked into and then the email address used to login, and the password, have been changed. Some users have been unable to get back into their accounts because OkCupid is said to only correspond with the email address on the account.
A spokesperson for the dating company said:
“There has been no security breach at OkCupid. All websites constantly experience account takeover attempts. There has been no increase in account takeovers on OkCupid.”
The takeovers are being blamed on the usual issue of people reusing their access credentials across multiple sites. If their user credentials have been hacked elsewhere, criminals may attempt to use those credentials on other sites, like OkCupid. If you’ve reused them, you’re probably going to get hacked unless the site has better security.
However, there’s been at least one case where the hacked user says they didn’t reuse their credentials at all. If that’s the case, how have their credentials – unique to OkCupid – been compromised?
Is a “bug” responsible for any of the OkCupid data breach incidents?
A security team has reportedly found a “bug” affecting the android app. It could apparently allow messages to be sent that were disguised as the app and could direct someone to a fake website to re-enter their credentials.
There were worries as to whether messages between users could be intercepted and whether location services could also be abused.
This “bug” was apparently fixed, although as we said above, it’s denied that there has been an actual OkCupid data breach itself.
It’s certainly an issue to keep an eye on, though. Victims of a genuine incident can be entitled to claim for data breach compensation.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on February 19, 2019
Posted in the following categories: Cybersecurity Data Hacking News Scammers Security Social Networking and tagged with apps | cyber crime | cybersecurity | online security | personal data