Zoosk Vulnerability Leads to 57 Million Stolen Accounts?
Sometime last year the data of over 57 million people was stolen, but apparently no one had any idea until that same information went up for sale on the dark web. The data contains usernames, passwords, email addresses associated with both governmental agencies and companies like Apple, Google, and Twitter from a three year period between 2012 and 2015.
No one is entirely sure where the data originated, but analysis shows that there are over 52 million unique emails, which points to the bulk this data having not been made available before now. The hacker, who goes by the handle Peace, that put the information for up sale claims he obtained the 4.6 gigabyte database from a Russian hacker.
According to Peace, the data was stolen by exploiting security vulnerabilities in the dating site Zoosk. Zoosk denies that the data came from their over 33 million users. Despite a portion of the email addresses matching Zoosk accounts, it’s possible this is due to users having the same email across multiple accounts.
Within the database there are also around 88,000 email addresses associated with another dating website, Badoo. Many of these accounts appear to be corporate accounts used for testing purposes, though Badoo also denies having been hacked.