Muslim Match dating site hacked. Private messages and profiles posted online

Graham Cluley
@gcluley

Joseph Cox at Motherboard reports:

Specialty dating site “Muslim Match” has been hacked. Nearly 150,000 user credentials and profiles have been posted online, as well as over half a million private messages between users.

Launched in 2000, Muslim Match is a free-to-use site for people looking for companionship or marriage. “Single, Divorced, Widowed, Married Muslims :: Coming together to share ideas, thoughts and find a suitable marriage partner,” the site’s Facebook profile reads.

Sign up to our newsletter
Security news, advice, and tips.

One file also contains around 790,000 private messages sent between users, which deal with everything from religious discussion and small talk to marriage proposals.

Using information within the dataset, Motherboard was able to link private messages with specific users. By cross-referencing the different files, it was possible to find out the username of the person who sent the message, as well as their logged IP address and poorly-hashed, MD5 password. Some of the messages also include extra information, such as Skype handles, which users have exchanged.

By all accounts, Muslim Match dropped the ball when it came to properly securing its systems and its users’ data.

It’s easy to imagine how this information could be abused if it fell into the wrong hands… :(

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.