The hacking group ShinyHunters claims to have leaked over 10 million user records from major dating platforms including Match, Hinge, and OKCupid. While some of the data lacks deep personal details, it includes sensitive corporate records, transaction logs, and profile match histories that could be exploited for targeted phishing scams.
The cybercriminal collective ShinyHunters recently announced on their dark web blog that they have successfully compromised and leaked over 10 million user records belonging to Match Group. The breach impacts several prominent dating services, specifically Match, Hinge, and OKCupid. According to reports from the outlet Cybernews, the stolen information allegedly includes user identifiers, IP addresses, and various forms of sensitive digital data.
Initial investigations suggest that the hackers obtained this information by targeting AppsFlyer, a mobile analytics platform used by the dating apps. Upon reviewing the leaked database, researchers found a wide variety of information ranging from personal user details to internal corporate records. The haul reportedly contains specific Hinge match profiles, lists of individuals paying for premium subscriptions, and even internal employee contracts and emails.
Beyond the major global brands, the leak also appears to include data from the Indian dating application Vivald. The researchers examining the files noted that the sample contains extensive logs of profile changes and lists of active accounts. However, they pointed out that because of the way the data is structured, it is not always immediately clear which specific app some of the individual records originated from.
While the publication Cybernews noted that the data contains certain identifiers, they clarified that it does not necessarily expose an overwhelming amount of deeply private personal information for every user. Despite this, the nature of the data remains a significant concern for security experts. Even partial information regarding a person's dating habits or subscription status can be highly valuable to bad actors looking for leverage.
The primary risk identified by security researchers is the potential for highly sophisticated fraud. Because the leaked data involves personal dating interactions, scammers can use it to create personalized phishing campaigns that carry a much stronger psychological impact than standard spam. These tailored attacks are often used to manipulate victims into revealing further financial information or falling for complex extortion schemes.
Source: Crypto Hackers Target Hinge And Match Group In Major Data Leak