Massive data breach exposes personal details of over 765,000 Senior Dating users

On November 23, 2024, a significant data breach involving the 40+ dating platform Senior Dating compromised the personal information of 765,517 users. The breach, stemming from an exposed Firebase database, revealed highly sensitive details, raising critical concerns about the safety of personal data on online matchmaking platforms. The incident became widely known on December 9, 2024, after its inclusion in the Have I Been Pwned (HIBP) database.

The exposed information encompasses a broad array of personal data, including email addresses, profile photos, genders, dates of birth, geographic locations, links to Facebook accounts, and user preferences like drinking and smoking habits, education levels, occupations, and relationship statuses. This level of detail heightens the risk of exploitation through identity theft, fraud, stalking, or other malicious activities.

In addition to Senior Dating, another platform under the same ownership, Ladies.com, was also impacted. Both sites have been shut down in response to the breach, but the consequences for affected users remain substantial.

Security experts have warned about cybercriminals’ potential to exploit the leaked data. Boris Cipot, Senior Security Engineer at Black Duck Software, emphasized the gravity of the breach, stating: “This sort of exposed data poses a potential risk for not only phishing but also identity theft, stalking, and targeted attacks on the impacted users. The exposed information could also potentially be used to target further contacts of the victim on social media accounts, for example.”

Cipot urged affected individuals to take immediate precautions, such as changing passwords on all platforms with the same credentials. He also stressed the importance of enabling multi-factor authentication (MFA) to enhance account security and monitor accounts for suspicious activities, particularly bank and credit card accounts.