Hackers have breached two dating websites, CityJerks and TruckerSucker, stealing email addresses, direct messages, passwords, sexual orientation, and other personal data of users, according to data breach expert Troy Hunt. The stolen passwords are scrambled with a weak algorithm that could potentially be broken and allow hackers to see the actual passwords.
The sensitive content in the breach includes hookup messages and sexual preferences of users. Hunt said that the tipster informed him the breach was advertised on a hacking forum. TechCrunch independently verified that the data stolen from both the websites is being advertised on the forum.
According to the post advertising the data stolen from TruckerSucker, the database contains information on 8,000 users. The post about CityJerks claims the database contains data from 77,000 users. Such data breaches can lead to identity theft, fraud, and blackmail attempts. Users are recommended to change their passwords on all online accounts immediately, and to set up two-factor authentication.
They should also be wary of unsolicited emails and phone calls, and monitor their accounts for any suspicious activity. The dating websites should immediately inform their users about the breach and offer assistance, such as credit monitoring, to those impacted by the breach.