Six million male members may have been exposed after hack of gay dating service

No, not that kind of member.

Graham Cluley
@gcluley

Six million male members may have been exposed after hack of gay dating service

Manhunt, a popular gay dating service, has suffered a data breach which may have put members at risk of exposure.

As TechCrunch reports, Manhunt – which was launched in 2001 and claims to be the world’s largest gay chat and dating site – has been hit by a data breach that exposed sensitive information.

ManHunt discovered on 2 March that a hacker had gained access to its database the previous month, and had downloaded the usernames, email addresses, and passwords “for a subset of [its] users.”

Sign up to our newsletter
Security news, advice, and tips.

In response, Manhunt reset the passwords for affected accounts and called in third-party experts to investigate if hackers continued to have access to its systems.

The site said that it had found no evidence that users’ pictures, messages, or profile details had been accessed by the malicious hacker (which surely is a huge relief), and underlined that as it does not transmit or store any payment card information such details were not exposed.

Of course, that isn’t the only thing that might be giving you a sleepless night if you were unlucky enough to have had your particulars breached.

There is also the danger that an attacker might exploit the email addresses of Manhunt users to send out phishing attacks. In addition, a blackmailer might scour a database of Manhunt users and attempt to extort money out of those who would rather their membership of such a site was not made public, or shared with their employer or family.

Unfortunately, Manhunt does not make clear in its data breach notification how it was storing passwords – were they (gulp!) in plain text or scrambled using a weak algorithm that could be reversed by an attacker?

As ever, it’s wise to be cautious. Never use the same password in different places. Use a password manager to generate complex, random passwords for all of your accounts and store them securely.

Dating sites have had a pretty shabby record when it comes to their online security. Perhaps most tragically, the massive breach of adultery website Ashley Madison even resulted in some users taking their own lives.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.