The dating app Manhunt, a popular site for gay singles, is going public about a data breach that occurred recently. According to a letter sent to the Washington State attorney general’s office by Manhunt’s legal team, the breach affects thousands of Washington residents. The letter, written by the company’s lawyer Stacey Brandenburg, states the following about the incident:
On March 2, 2021, Manhunt discovered that an attacker had gained access to a database that stored account credentials for Manhunt users. The attacker downloaded the usernames, email addresses and passwords for a subset of our users in early February 2021. Manhunt immediately took steps to remediate the threat and secure its systems. Passwords were forced reset for affected user accounts, and we retained a third-party forensics consultant on behalf of Manhunt to assist us in investigating what happened and confirm that there is no ongoing unauthorized access to Manhunt systems.
The letter was written in accordance with privacy laws that require disclosure of data breaches. While the breach appears to be contained, users should still exercise caution when using this or any other site. Social engineering attacks are a constant threat on dating sites in particular, and with a large chunk of a user base’s data now available to criminals, the threat is worse on Manhunt. Users are encouraged by the company to monitor their financial data and any other areas that may be compromised as a result of this incident.
In some ways, dating apps rank on the same level as social media regarding privacy invasion. Dating apps collect numerous types of data with the explicit goal of selling it to third parties for profit. As a byproduct of this, anytime a security breach occurs, there will be a treasure trove of data that can be passed around on the dark web. For this reason, should you decide to use a dating website, try to give the absolute minimum amount of information about yourself. Also, look at the data collection policies of your dating site of choice, and weigh the benefits against the consequences should your data get stolen.
Featured image: Flickr / S Steel