Jump to content

Report: Popular Marketing Tool Exposes Dating Site Users...


David H. Lipman

Recommended Posts

Report: Popular Marketing Tool Exposes Dating Site Users in Massive Data Leak

Quote

vpnMentor’s research team recently received a report from an anonymous ethical hacker about a massive data leak exposing users of over 70 adult dating and e-commerce websites from around the world.

The various websites were all using the same marketing software built by email marketing company Mailfire — who was responsible for the leak.

The software in question had been compromised through an unsecured Elasticsearch server, exposing people all over the world to dangers like identity theft, blackmail, and fraud.

Upon further investigation, it turned out that some of the sites exposed in the data leak were scams, set up to trick men looking for dates with women in various parts of the world.

Data Leak Summary

Company Mailfire
Headquarters Cyprus
Industry Online Marketing
Size of data in gigabytes 882.1 GB
Suspected no. of records 320 million
Websites affected 70+
No. of people exposed 100,000’s
Date range/timeline August 2020
Geographical scope Worldwide
Types of data exposed Notification contents; PII data; Private messages; Authentication tokens and links; Email content
Potential impact Fraud; Identity theft; Phishing scams; Blackmail and extortion; Website account takeover
Data storage format Elasticsearch

Timeline of Discovery, Investigation, and Owner Response

  • Data leak discovered: 31st August 2020
  • Vendors contacted: 3rd September 2020
  • Response received from Mailfire: 3rd September 2020
  • Server secured: 3rd September 2020
  • Client companies informed: 4th September 2020

Sometimes, the extent of a data breach and the data’s owner are obvious, and the issue is quickly resolved. But rare are these times. Most often, we need days of investigation before we understand what’s at stake or who’s leaking the data.

Understanding a breach and its potential impact takes careful attention and time. We work hard to publish accurate and trustworthy reports, ensuring everybody who reads them understands their seriousness.

Some affected parties deny the facts, disregarding our research, or playing down its impact. So, we need to be thorough and make sure everything we find is correct and accurate.

In this case, the data leak originated from an unsecured Elasticsearch server, which we suspected was owned by Mailfire. The server appeared to be connected to a notification tool used by the company’s clients to market to their website users and notify them of private chat messages.

After investigating the server and compiling sufficient evidence to confirm Mailfire owned the exposed server, we reached out to the company and presented our findings. They acted immediately and secured the server within a few hours. Mailfire assumed full responsibility and insisted that the companies exposed were in no way responsible at all — and our research has also confirmed this to be true.

It is also worth noting that Mailfire is not responsible for the activity of the customers using their service.

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.