Crypto hacking collective ShinyHunters has leaked over 10 million user records from popular dating apps owned by Match Group, including Match, Hinge, and OKCupid.
- Lithuanian outlet Cybernews revealed a range of private data such as Hinge match profiles, subscription IDs, and even employee emails and contracts.
- ShinyHunters, known for extorting companies with crypto ransoms, previously extorted AT&T for six Bitcoin (worth around $373,000) in exchange for not leaking data.
- As this stolen data circulates on the dark web, it could be sold to criminals who use it for phishing schemes.
The reported data, which was published on the group’s dark web blog, includes sensitive user information such as IDs, IP addresses, and other personal details. It is believed to have been extracted through the mobile analytics platform AppsFlyer.
Lithuanian outlet Cybernews investigated the stolen records, revealing a range of private data such as Hinge match profiles, subscription IDs, and even employee emails and contracts. Additionally, some data from the Indian dating app Vivald was also found in the breach. Although the leaked records contain limited personal identifiers, researchers warned that the nature of dating app data makes it especially valuable for crafting targeted scams and phishing attacks.
ShinyHunters, known for extorting companies with crypto ransoms, previously extorted AT&T for six bitcoin (worth around $373,000) in exchange for not leaking data. In the case of French crypto tax firm Waltio, the group attempted to extort the company over a leak of 50,000 user records, but Waltio chose to take legal action against the hackers.
In another recent leak, ShinyHunters claimed responsibility for breaching US bakery chain Panera Bread, with 14 million records reportedly exposed. As this stolen data circulates on the dark web, it could be sold to criminals who use it for phishing schemes or even physical attacks, posing serious security risks for the affected users.
