News article

Date: 04. July 2016

New Dating Site Hacking Victim:
Data Breach Exposes 150,000 Users

Sold as an online dating site and "free" agency for marriage, Muslim Match has succumbed to a hack attack and breach of security. Around 150,000 profiles of singles on the site have also had their privacy compromised. The hackers also managed to get a hold of over 500,000 private messages. As a result, the site is now offline and "taking a break for Ramadan".

"Single, Divorced, Widowed, Married Muslims: Coming together to share ideas, thoughts and find a suitable marriage partner," is the advertisement posted to Muslim Match's Facebook profile. A well-established dating site (having started in 2000), the service has been helping single Muslims come together and find the best partners for marriage.

According to security researcher Troy Hunt, information that was taken includes things like whether or not users were converts to Islam, where they worked, their current marital status and whether or not polygamy was an option for them. Something else that Hunt noticed was that some users had been only marked as "potential users".

Dating Site Data Hack: Messages Read

One of the biggest points of the data hack Muslim Match suffered was the messages that users sent to one another. However, it seemed that a considerable number of messages were simply spam. It had previously been noted by the site itself that there was a rise in the number of fake profiles. Singles on the site were also warned.

Current users Zaheer says that he is disappointed because, "...the site didn't seem to be secure in the first place. They never used HTTPS." HTTPS is used by websites for encrypting and securing data for users who have to login to accounts.

Hacks and data security compromises are nothing new for both online dating sites and other websites. However, a lot of this can be prevented with proper encryption like HTTPS which is particularly important for sites where users have accounts. For singles signing up to any kind of online dating site, it is a good idea to check the encryption status in the URL bar before continuing.