Hackers reportedly stole 42 million customer records, including email addresses and clear-text passwords, from Cupid Media’s network of dating websites, an IDG News Service release states.
A file containing the Cupid Media user data was found on the same server where hackers also stored millions of records stolen from Adobe, PR Newswire, the U.S. National White Collar Crime Center and other organizations.
According to reporting by Brian Krebs, database allegedly contains names, email addresses, plaintext passwords and birth dates. Andrew Bolton, Cupid Media’s managing director, reports that the information found on the rogue server appears to be related to a security breach that occurred in January 2013, which customers had already been notified about. He also says that a large portion of the leaked records correspond to old, inactive or deleted accounts, and that the company is now double-checking to make sure all affected users had their passwords reset and were notified by emails.
After the January breach, the company hired external consultants and implemented several security measures, including password hashing and salting.