Hackers claim they accessed Tinder, Hinge user info

Match Group, the conglomerate that owns Tinder, Hinge, and other dating apps, is investigating a security incident that exposed user data.

A hacker group called Scattered LAPSUS$ Hunters claimed they stole a mass of Match’s internal data, according to 404 Media. 404 Media downloaded the data and reported that it contained some users’ unique advertising IDs, corporate receipts, and other internal documents.

A Match spokesperson told Mashable, “We are aware of claims being made online related to a recently identified security incident. Match Group takes the safety and security of our users seriously and acted quickly to terminate the unauthorized access. We continue to investigate with the assistance of external cybersecurity experts.”

“There is no indication that user log-in credentials, financial information, or private communications were accessed. We believe the incident affects a limited amount of user data, and we are already in the process of notifying individuals, as appropriate,” the spokesperson continued.

A spokesperson for the hacking group told 404 Media that it gained access to Match’s documents through a social engineering tactic called vishing. Vishing is like phishing, except it’s done over the phone. Scammers impersonate a credible person or company to gain information or money. The hacker told 404 Media that the group vished Match’s Okta single-sign-on. Okta is a cybersecurity company that specializes in secure logins for companies. A spokesperson for Okta told 404 Media:

“Okta Threat Intelligence routinely shares threat research to help companies protect against evolving social engineering techniques. These target organizations in all industries and impersonate a range of identity and cryptocurrency providers. While Okta’s platform and services remain secure, Okta is calling attention to these evolving techniques to help raise awareness and support stronger defenses for customers.”

Hackers posted that they accessed Match’s data from the cloud platform AppsFlyer, but AppsFlyer denied that the incident originated from its app:

“AppsFlyer has confirmed that the incident referenced in recent media reports did not originate from AppsFlyer and did not involve a data breach, security incident, or compromise of AppsFlyer’s systems. AppsFlyer’s infrastructure and security controls were not breached. Any implication that AppsFlyer was the source of the incident, or that data was exposed due to a compromise of AppsFlyer systems, is inaccurate.”