According to recent reports, two online platforms catering to gay hookups, namely TruckerSucker and CityJerks, have experienced security breaches.
These breaches have resulted in the unauthorized access and theft of sensitive and personal user information.
Disturbingly, these stolen databases are now being sold on dark web forums.
At the beginning of the week, an individual notified Troy Hunt, the creator, and operator of Have I Been Pwned, a website dedicated to alerting users of data breaches, about two dating platforms that had been compromised by hackers.
Hunt subsequently examined the stolen information and informed TechCrunch that user data such as usernames, email addresses, passwords, profile pictures, sexual orientation, date of birth, city and state of residence, IP addresses, and biographical information had been obtained.
Furthermore, the passwords were encrypted with an inadequate algorithm, which could be vulnerable to decryption, potentially allowing unauthorized parties to view the original passwords.
In addition to personal information, the breached data also contains user messages containing details of sexual preferences and arrangements for meetups.
This indicates a significant breach of privacy for those affected.
The breach is reported to have impacted over 80,000 individuals, with approximately 8,000 users of TruckerSucker and 77,000 users of CityJerks having their information compromised.
It appears that the two breached websites have a strikingly similar visual design, suggesting that they may be operated by the same company and using the same content management system (CMS).
This similarity may have made the websites vulnerable to the same type of attack.
However, without further information from the website owners, it is difficult to determine the exact method used by the attackers to gain unauthorized access to the data.
According to the seller’s post on the dark web forum advertising the stolen data, the database from TruckerSucker contains information on 8,000 users.
Meanwhile, the post regarding the CityJerks breach claims that the database contains data from 77,000 users.