Some OkCupid users claim their information is compromised; app managers deny it
In online dating services, lies, exaggeration
and disappointments abound, but according to network security and ethical
hacking specialists from the International Institute of Cyber Security say they
are also easy targets for hackers.
Dating
apps may not
store the most personal data, as is the case with banks or hospitals, but they
guard details too intimate, which puts them in the sights of malicious hackers.
Either by using backdoors or using brute force or leaked passwords, services
like Ashley Madison or AdultFriendFinder are some of the most popular victims
of this kind of incidents.
According to network
security specialists, OkCupid
service has become the most recent victim.
In recent days, one of the service users
claimed that his account was hacked. The user, who has decided to remain
anonymous, reported that the hacker entered his account and changed his
password, so the user was expelled from his own account. As if it were not
enough, the user mentions that the attackers changed his email address, so it
was impossible to reset his password.
OkCupid took no action to corroborate the
change of email, made the change without questioning anything. The user sent an
email to OkCupid customer service, which responded: “We regret that we cannot
provide details about an account that is not linked to your email address”. The
user mentions that the attacker who hacked his account started harassing him
via SMS.
This was not an isolated case, say network
security specialists. Eventually, many other users began to report that their
OkCupid accounts had been hacked. One of these users said, “I spent two days
controlling the damage caused by the hacker until OkCupid decided to reset my
password”.
Other upset users ran with better luck, as the
company reestablished its passwords as soon as possible. However, some users
claim that hackers can still access compromised accounts.
Users are not yet explained how the attackers
accessed their passwords. OkCupid says that “this is not a data breach”.
Natalie Sawyer, spokesperson for the dating service, said: “Any website is
constantly facing attempts to hijack accounts, but we can say that this is not
what happens in OkCupid”.
When being questioned about the measures
OkCupid will implement to mitigate greater risks, the spokesperson mentioned
that “the company has no more to say at the moment”.
Like dating services such as PlentyOfFish,
Badoo, eHarmony, among others, OkCupid does not have a multi-factor
authentication system.
In addition to dealing with the pressure of
contacting strangers online, users will now have to take care of hackers as
well.
