MobiFriends is an online service and Android app that allows registered users to meet new people online.
The personal details of 3,688,060 MobiFriends registered users have been released online earlier this year and are now available for download.
“The credentials of nearly 4 million MobiFriends users have recently been discovered by our Data Breach Research team on a prominent deep web hacking forum. The leaked data sets are currently available in a non-restricted manner despite being originally offered for sale.” reads a post published by security firm Risk Based Security, which first spotted the dump online.
“The compromised data sets were originally posted for sale on a prominent deep web hacking forum on January 12th, 2020 by a threat actor named “DonJuji” and attributed to a January 2019 breach event. They were later shared in a non-restricted manner on April 12th, 2020 by a different threat actor on the same forum.”
Experts at Risk Based Security (RBS) verified the validity of the data against the official MobiFriends website.
The data were initially offered for sale on a hacking forum, the seller claims it was stolen in January 2019, but MobiFriends did not disclose the incident.
The data is currently available on multiple hacking communities and in some cases, it is available for free.
Leaked data includes personal details, such as email addresses, mobile numbers, dates of birth, gender information, usernames, password MD5 hashes, and app/website activity. Private messages, images, or sexual-related content, are not included in the dump.
The bad news for the users of the dating app is that the MD5 passwords could be easily cracked, this means that attackers could use credentials to attempt to target accounts on other websites where MobiFriends users might have reused them.
“Moreover, the data leak contains professional email addresses related to well-known entities including: American International Group (AIG), Experian, Walmart, Virgin Media, and a number of other F1000 companies,” continues RBS.
Users are exposed to a notable risk of business email compromise, spear-phishing attacks, as well as extortion attempts.
At the time of publishing, it is still unclear how data was exposed, data could have been exfiltrated in an attack or accidentally exposed as a result of a misconfiguration of the server.
Users urge to change passwords on every account where they use the same login credentials as the MobiFriends app.
Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
(SecurityAffairs – data leak, hacking)