Vanity dating site BeautifulPeople popped

Vanity dating site BeautifulPeople popped

A December breach dismissed as minor at the time has turned ugly for dating-for-narcissists site BeautifulPeople.

Security researcher and architect of HaveIBeenPwned, Troy Hunt, has told Forbes ‘net scum are now offering data from a million BP users for sale.

The site, which once, inexplicably and unforgivably, judged that El Reg hacks don’t count as beautiful, collected the usual hoard of information about its users – user ID, email address, location data, physical characteristics, jobs, sexual preferences and more, all of which is in the compromised profiles.

Researcher Chris Vickery told Forbes the information was copied from an unsecured test server running MongoDB.

MongoDB has proven problematic for sysadmins wanting security:

  • Last year, Shodan’s John Matherly said a long-standing MongoDB insecure default config was spewing data left, right and centre;
  • Over the weekend, an unprotected MongoDB machine exposed 93 million Mexican voters’ information;
  • Vickery’s employer MacKeeper was popped the same way in December.

BeautifulPeople told Forbes passwords and financial data were not at risk and claimed to have notified all affected users.

So there’s only enough information leaked to mount a halfway-decent identity theft campaign, instead. ®

Archives

About CCN

Chicago Computer Network (CCN) Inc. is a leading provider of Information Technology (IT) and consulting services for Chicago-based businesses. At CCN, we enthusiastically provide outstanding IT support and are committed to saving you time and money, while delivering long-term technology solutions to meet the current and evolving needs of your business.

Clients Worlwide

CCN has helped clients around the globe manage their IT services.

CONTACT

Business Hours: 8a-5p M-F
Managed Services: 24/7/365 Support

© Chicago Computer Network | All Rights Reserved