Coffee Meets Bagel Discount
As a Valentine's Day gift to all its users, online dating app Coffee Meets Bagel disclosed a data breach that contained user's email addresses and names. This data breach was discovered as part of a compilation of leaked credentials that was being sold on criminal marketplaces.
According to the data breach notification, Coffee Meets Bagel became aware of the breach on February 11th 2019 after a report from TheRegister stated it was being sold as part of a larger compilation of leaked credentials.
Jun 3, 2017 - Explore Melinda Miranda's board 'Coffee Meets Bagel' on Pinterest. See more ideas about coffee meets bagel, couple photography, coffee meeting.
Coffee Meets Bagel is an online dating site that claims to stop the endless scrolling and swiping on other apps by helping you make quality connections quickly. Our analysis will help you decide if. Are you tired of all traditional dating sites? Coffee Meets Bagel may take your online dating game to the next level. Curious to find out more? Read my unbiased CoffeeMeetsBagel.com review. ➢ Unlock the horniest cuties and have the coffee meets bagel cuties to meet you ✅ to have the biggest gratification of all of your secret dreams.
In a data breach notification email sent today, which is provided in its entirety below, the data consisted of 6 million Coffee Meets Bagel user names and email addresses. The dating company states that the breach did not disclose any user passwords or financial information, as that information is never stored by the app.
In a statement to BleepingComputer, Coffee Meets Bagel stated:
'With online dating, people need to feel safe. If they don't feel safe, they won't share themselves authentically or make meaningful connections. We take that responsibility seriously, so we informed our community as soon as possible—regardless of what calendar date it fell on—about what happened and what we are doing about it.
Coffee Meets Bagel Profile
We can confirm that approximately six million users were impacted. Beyond emails and names, no other CMB user information was compromised. This was part of a larger breach affecting 620 million accounts that got leaked across sixteen companies.'
Data could be used in credential stuffing attacks
While the data being sold only contained email addresses and names, it could still be used in attacks.
Andy Norton, the Director of Threat Intelligence for security firm LastLine, told BleepingComputer via email that data like this is typically used for phishing campaigns and credential stuffing attacks.
“The Coffee Meets Bagel data is reportedly being sold on Dream Market, although it’s currently offline so we’ve been unable to confirm. Dream Market is a dark market that sells many illegal things, including drugs, guns and stolen digital items. Essentially, these cybercriminals are trying to sell a list. Lists of personal information are one end of a malicious funnel, and the data is often bought by spammers and operators of credential stuffing tools.”
Coffee Meets Bagel App
Due to this, if you use the same password at every site, you should change those passwords to a strong and unique one immediately. To aid in creating and remembering unique passwords for every site you visit, it is suggested that you use a password management program.