Six million male members may have been exposed after hack of gay dating service

No, not that kind of member.

Six million male members may have been exposed after hack of gay dating service

Manhunt, a popular gay dating service, has suffered a data breach which may have put members at risk of exposure.

As TechCrunch reports, Manhunt – which was launched in 2001 and claims to be the world’s largest gay chat and dating site – has been hit by a data breach that exposed sensitive information.

ManHunt discovered on 2 March that a hacker had gained access to its database the previous month, and had downloaded the usernames, email addresses, and passwords “for a subset of [its] users.”

Sign up to our free newsletter.
Security news, advice, and tips.

In response, Manhunt reset the passwords for affected accounts and called in third-party experts to investigate if hackers continued to have access to its systems.

The site said that it had found no evidence that users’ pictures, messages, or profile details had been accessed by the malicious hacker (which surely is a huge relief), and underlined that as it does not transmit or store any payment card information such details were not exposed.

Of course, that isn’t the only thing that might be giving you a sleepless night if you were unlucky enough to have had your particulars breached.

There is also the danger that an attacker might exploit the email addresses of Manhunt users to send out phishing attacks. In addition, a blackmailer might scour a database of Manhunt users and attempt to extort money out of those who would rather their membership of such a site was not made public, or shared with their employer or family.

Unfortunately, Manhunt does not make clear in its data breach notification how it was storing passwords – were they (gulp!) in plain text or scrambled using a weak algorithm that could be reversed by an attacker?

As ever, it’s wise to be cautious. Never use the same password in different places. Use a password manager to generate complex, random passwords for all of your accounts and store them securely.

Dating sites have had a pretty shabby record when it comes to their online security. Perhaps most tragically, the massive breach of adultery website Ashley Madison even resulted in some users taking their own lives.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.