Hacked information of Coffee Meets Bagel users appeared in a huge cache of data that appeared on a popular dark web marketplace earlier this week. The previously undisclosed breach has since been acknowledged by the dating app.
Coffee Meets Bagel revealed details about the hack in an email to its users on Valentine's Day, explaining that members' names and email addresses had been exposed.
"We recently discovered that some data from your Coffee Meets Bagel account may have been acquired by an unauthorised party," the email stated.
"Once we became aware, we quickly took steps to determine the nature and scope of the problem... We have engaged forensic security experts to conduct a review of our systems and infrastructure."
The dating app also said it was making improvements to its security to better detect and prevent unauthorised access to its systems in the future.
Despite the relatively limited amount of information exposed by the hack, security experts warned the data breach could open up the victims to further cyber attacks.
"Although no financial information was leaked as a consequence of the breach, the success of this kind of attack opens up a number of threats for the people whose data becomes compromised," Dean Ferrando from the cyber security firm Tripwire told The Independent.
"Just recently, news broke of entire collections of email addresses and passwords being sold on the dark web, where hackers can purchase and exploit them in credential stuffing attacks and phishing campaigns."
Other cyber experts said the latest breach should serve as a reminder for people to take care online.
"This type of data breach is fairly common, and most people affected probably have lost similar information multiple times through other data breaches," said Israel Barak, chief information security officer at Cybereason.
"The most important takeaway for consumers is ensuring they understand that some level of security hygiene is needed."
The Independent
More about: datingapp