ShinyHunters leaks PII of 2.3m MeetMindful users on the dark web

ShinyHunters leaks PII of 2.3m MeetMindful users on the dark web

Internal NCC training data and CREST exam questions leaked on Github

A hacker using the pseudonym ShinyHunters has reportedly leaked personal details of 2.28 million users of dating site MeetMindful on a hacker forum accessible to the public.

The massive leak of the personal data of millions was first reported by ZDNet who learned from a security researcher that the massive data dump was made available to download for free on a hacker forum. The publicly-accessible forum has since been visited over 1,500 times, indicating that the data may already have been circulated among data brokers and cyber criminals.

According to ZDNet, the 1.2GB file of raw data contained MeetMindful users' personal information like real names, dates of birth, location, email addresses, hashed passwords, marital status, dating preferences, and body details. The database also contained additional details of users such as their Facebook user IDs and their Facebook authentication tokens.

MeetMindful projects itself as a social networking platform that helps people connect and build strong relationship foundations. The company was founded in 2014 but despite boasting millions of users, it doesn't seem to be much popular based on user reviews and star ratings on the Google Play Store.

ZDNet attempted to contact MeetMindful via Twitter following the data leak but has not been successful in drawing a response from the company. “When we reached out for comment to MeetMindful on Thursday via Twitter, a MeetMindful spokesperson redirected our request to an email address from where we have not heard back for three days,” it said.

This is not the first time that ShinyHunters has claimed responsibility for leaking the personal details of millions. Earlier this month, the hacker leaked around 1.9 million user records associated with online photo editing site Pixlr on a dark web forum along with data stolen from other websites.

ShinyHunters claimed in the dark web forum, where he shared all 1,921,141 Pixlr user records for free, that he gained access to these details after breaching the 123RF stock photo site which, like Pixlr, is also owned by Inmagine. He also claimed that he downloaded the database from Pixlr's AWS bucket at the end of 2020.

According to Bleeping Computer, ShinyHunters is well-known for hacking into websites and selling large troves of stolen information via data brokers on the dark web. The victims of ShinyHunters include 123RF, Tokopedia, Homechef, Minted, Chatbooks, Dave, Promo, Mathway, Wattpad, and others.

Copyright Lyonsdown Limited 2020

Top Articles

Universal Health Services lost $67m to a Ryuk ransomware attack last year

Universal Health Services said the cyber attack cost it $67 million in remediation efforts, loss of acute care services, and other expenses.

How the human immune system inspired a new approach to cyber-security

Artificial intelligence is being used to understand what’s ‘normal’ inside digital systems and autonomously fight back against cyber-threats

Solarwinds CEO blames former intern for hilarious password fiasco

SolarWinds has accused a former intern of creating a very weak password for its update server and storing it on a GitHub server for months.

Related Articles