A hacker who goes by the name ShinyHunters has leaked data of 2.28 million users from online dating site MeetMindful. The leak includes real names, email addresses, IP addresses, Bcrypt-hashed account passwords, and Hacker 2.28m Facebook IDscimpanuzdnet authentication tokens.
The leaked file is 1.2 gigabytes in size and is being shared as a free download on a public hacking forum.
70/30 Gender Ratio
MeetMindful is an online dating site that caters to people who live a mindful lifestyle. It has over 300,000 active members, with a 70/30 gender ratio.
Founded by Amy Baglan, the website’s main mission is to bring mindful people together. It has a high number of success stories and has earned a good reputation among users.
A number of MeetMindful reviews suggest that the site is safe to use, and that its staff regularly monitors accounts for suspicious activity. It also offers a free trial period to new members.
Email Verification Method
During registration, the user must answer several questions to verify their identity. The site also offers an email verification method. The signup process is quick and easy, and it doesn’t take more than ten minutes to create an account.
In the world of cybersecurity, ShinyHunters is a term that describes a group of cybercriminals who steal and sell data. They are a financial-motivated threat actor that emerged in May 2020 and was able to amass a significant number of breaches.
Stealing & Selling Data
They are known for stealing and selling data in the form of email addresses, passwords, usernames, social security numbers, credit card numbers, and more. They also use phishing emails to get users to provide their login credentials.
While most hackers focus on ransomware, ShinyHunters seem to have adapted their tactics to include extortion, Digital Shadows said. In early August 2021, they began threatening to expose their stolen data unless a ransom was paid.
In addition to exposing personal information, they have also been known to deface their rival forum Raid Forums and replace its material with Pokemon references. This appears to be a reference to the cult video game franchise that was popular in Japan for years.
Facebook Authentication Tokens
Facebook authentication tokens are used to verify a user’s identity in applications. They can be issue by an application or a third party (e.g., an Identity Provider).
These tokens are a form of credentials that allow your app to access data on behalf of a user. They include three parts: a header, a payload, and a signature.
Authentication tokens are typically generate when you log in to Hacker 2.28m Facebook IDscimpanuzdnet using the SDK and last for close to 60 days. However, you can also convert short-lived access tokens to long-lived ones by making a server-side API call with your app secret.
Serious Security Issue
Earlier this week, Hacker 2.28m Facebook IDscimpanuzdnet discovered that a vulnerability in the “View As” feature allowed attackers to steal access tokens and gain control over almost 50 million accounts. This is a serious security issue and Facebook has announced that it will reset the access tokens of all affected accounts to help minimize any risk.
A phone number is a magic number that enables you to place a call using a landline or cell-based service. The best part is that it’s a relatively painless process and is free. A typical phone call will take around a second or so. A phone company’s customer service representatives are more than willing to help you out when you need it. It’s also a good idea to have a backup plan in case something goes wrong. For instance, if you’re out of town for the week and don’t have a phone to use as your emergency contact, you may want to consider getting a mobile number from the local provider. This could save you the angst of trying to get in touch with loved ones while away from home.