Ugly data breach hits ‘exclusive’ Beautiful People dating site

Ugly data breach hits ‘exclusive’ Beautiful People dating site

SECURITY 26 APRIL 16 by MATT BURGESS
http://www.wired.co.uk/news/archive/2016-04/26/beautiful-people-hack-accounts-data-online-buy

The personal data of 1.2 million members of BeautifulPeople.com, an “exclusive” online dating website, is being sold online, security researchers have found.

The website, which only allows members who are “voted in” by those of the opposite sex, was hacked last December. Data stolen in the breach is now being sold online, including sexual preferences, relationship status, income, addresses and more. has been hacked with user data posted online, security researchers have found.

When security researcher Chris Vickery informed Forbes of the data breach in December the company responded by saying the information had originated from a compromised test server. It now appears the data is from actual customers, not company tests.

Australian security expert Troy Hunt said a “huge amount of personal information related to dating” was being traded in “underground circles”.

According to Hunt the available data includes: “Beauty ratings, Car ownership statuses, Dates of birth, Drinking habits, Education levels, Email addresses, Genders, Geographic locations, Home ownership statuses, Income levels, IP addresses, Job titles, Names, Passwords, Personal descriptions, Personal interests, Physical attributes, Sexual preferences, Smoking habits, Website activity”.

Vickery told Forbes that the database he obtained also contained 15 million messages that were sent between users.

Hunt, who was given the data by an anonymous source, has verified its legitimacy with BeautifulPeople.com users. He also found it included 170 .gov email addresses. “I keep seeing a heap of gov stuff where it probably shouldn’t be,” he tweeted.

BeautifulPeople said all affected members were being told about the breach, as they were when the hack was first reported last December. “The breach involves data that was provided by members prior to mid July 2015. No more recent user data or any data relating to users who joined from mid July 2015 onward is affected,” BeautifulPeople told WIRED.com in a statement.

The site has previously courted controversy after it dumped 30,000 members who it said weren’t attractive enough; it also removed 5,000 members that it claimed had gained weight.

“To become a member, applicants are required to be voted in by existing members of the opposite sex,” the website’s description reads. “Members rate new applicants over a 48 hour period based on whether or not they find the applicant ‘beautiful.'”

Leave a Reply