The personal data of around 1.1 million people could be sold off on the black market after it was revealed that the dating website BeautifulPeople.com had experienced a data breach.
The company describes its service as “online dating for beautiful people only”, as aspiring members must first win approval from the app’s accepted users before being paired up with like-minded individuals.
The leaked private information could include member’s names, addresses, sexual preference, relationship status, phone numbers, email addresses and even private messages.
The sensitive nature of the attack is reminiscent of last year’s disastrous Ashley Madison breach, although on a smaller scale than the 37 million users who were affected last summer.
According to a report by Wired, the flaw was first discovered last December when security researcher Chris Vickery found the information via the database management software MongoDB.
Although Mr. Vickery informed Beautiful People that its database was exposed, the information was apparently taken from the database by one or more unknown parties before the company had a chance to make it private.
Beautiful People has described the database containing the information as a “test server”, although it will make little difference to the victims which could include anyone who signed up to the site before mid-July 2015.
Mr. Vickery told Forbes, which originally reported this story, that the database he’d obtained contained over 15 million messages between users.
The company has said that all victims were notified of the incident in December, and will be contacted again in light of this latest development.
This incident serves as another reminder to be extra careful when handing over sensitive details. Good looks may get you a long way in life, but they won’t help protect you against cybercriminals.