Old dating site data has been leaked – company claims users have been warned

The Raid Forums entry was posted last August. Publish data for 2016: name, surname, email. email address, encrypted password, date of registration and last date of login.

A closer look at the published data tables shows that the dating portal database also contained other important information about people: gender, language, date of birth, height, country, nationality, languages ​​spoken, religion, education, number of children, etc. .

A company spokeswoman says the situation is known.

“The information was published in August, but it was hacked in 2016. After this event, all our members had to change their passwords. Since 2018 Darnipora.lt the site has been updated and many other additional security mechanisms have been installed. Since then there have been no robberies ”, he assures. Darnipora.lt Egle representative.

Commenting on this data, cyber security expert Marius Pareščius believes that the programmers showed only a table of data, which they have “hacked”. This is just one of the passages.

“As I understand it, the data is probably from 2006, which is 10 years of data.

As with Citybee, only one of the snippets was shown at first, but if you’re interested in the full dataset we’ll sell it for money. In this case, it is exactly the same: give some information to familiarize yourself and make sure you really have it, and treat the rest differently: sell or present another portion, ”he says.

In this case, the data will be made public free of charge.

“I think they have everything, not just user data. Only there is a slightly different option, this data leak is no longer on the forum, it is blocked. So all that remains are fragments of what you had, not what you want to give away or sell. You will no longer be able to sell it, so you can rest for a while, unless you connect in another way and still have that data and then distribute it ”, warns the expert.

The interviewee points out that dating portals collect a lot of data about consumers, including payment: “As for the part of the payment, it is usually a phone number and the technical message that accompanies it. This means that the user of this phone number paid so much for the SMS on that date, as the payments were probably SMS. Technically, you have a phone number and payment information. However, no service provider has card information except banks, as All and Mastercard have very strict rules and you cannot store card details. “

However, M. Pareščius does not believe that Darnipora.lt collected data from personal documents.

Asked if it was real that he could have reportedly hit 400,000. user data, explain that this number is normal as it is a number of unique lines.

“It just came to our knowledge then. You can write down the names of other tables: current customers, inactive customers and deleted customers. The sum of these three tables will be 400 thousand. The logic is this: there is a user who has registered and used, paid the membership fee, the membership fee has expired, you deactivate it, after a while, if you don’t pay and don’t extend the validity of the form, delete it ”, explains M. Pareščius.

He points out that the data leaked or intended to be distributed was in August of last year, but that doesn’t necessarily mean someone bought it.

“Based on the fact that the 2016 data is released, it appears that it was only in the archives. If you stole now before they are “hot”, interesting and relevant, then you put it on, not when it occurs to you. So in this situation, he either got it from somewhere else or it was ‘hacked’ in 2016 and only now made it public, “he says.

When asked why it took programmers some time to publish the data in this case, the expert says the reasons may be different. One of them is the highest grades.

“It just came to our attention then. One may be due to forum ratings. You get ratings based on how much data you sell. As with the ad portal, the more ads you have, the better your ranking. The following are the various votes and comments. The more votes and comments or purchases, the higher the rating. Therefore, in individual cases they share data for free, in some cases they ask for money, “explains M. Pareščius.

A cyber security expert says the recent data breaches are just the beginning, soon, maybe even this week, we will see more data breaches from larger users, as programmers are already speaking on the same forum.

“This is the third public case, but there is more,” he says.

M. Pareščius is also supported by ESET Lietuva’s director, cybersecurity expert Tomas Parnarauskas.

The Olybet leaker wrote an ambiguous message on the forum, but I think it is accurate: Lithuanian databases have not been relevant to anyone until now. I think we will have a lot of those cases because there is a great opportunity when you buy, sell more expensive and receive attention.

There have been quite a few more incidents and similar cases in the past. One of them is the case of Aesthetic Surgery. Apparently, the attention of journalists, the agitation of the issue in public space contributes to publicity or visibility, everyone begins to take an interest in it.

I have no doubt that we will have more than one similar incident where administrators have a copy somewhere where it has been hacked, leaked. Until now no one has been interested in it, it has not been possible to earn money with it, which shows that there is a simple desire to get rich, to obtain economic benefits ”, comments T. Parnarauskas.