2.28 million users of the MeetMindful dating app have had their details published on a hacker forum
# Incident Report: MeetMindful User Data Exfiltration by ShinyHunters
## Executive Summary
The wellness-themed dating app, MeetMindful, suffered a data breach resulting in the exfiltration and public posting of 1.2 GB of user data belonging to 2.28 million users. The attack was executed by the threat actor group ShinyHunters, exposing sensitive personal information, which increased the risk of targeted phishing and sextortion campaigns against the affected users. MeetMindful confirmed that payment information and messages were not compromised.
## Incident Details
- Discovery Date: January 26, 2021 (Date of publication/reporting)
- Incident Date: Prior to January 26, 2021 (Date of exfiltration unknown)
- Affected Organization: MeetMindful
- Sector: Online Dating / Social Networking
- Geography: Not specified (Implied global reach due to online application)
## Timeline of Events
### Initial Access
- Date/Time: Unknown (Pre-publication date)
- Vector: Not explicitly stated in the source material; an external compromise of systems holding user data is implied.
- Details: The threat actor group ShinyHunters gained access to the necessary infrastructure to copy 1.2 GB of user data.
### Lateral Movement
- Details: Not specified in the source material. Assumed internal navigation to locate and stage the target datasets.
### Data Exfiltration/Impact
- Date/Time: Prior to or on January 26, 2021
- Details: 1.2 GB of data containing PII for 2.28 million users was exfiltrated. The data was then published onto a public hacking forum.
### Detection & Response
- Date/Time: On or shortly before January 26, 2021
- Details: MeetMindful announced the breach and the subsequent data publication on its user security notification page. (The specific internal detection method is not detailed.)
## Attack Methodology
- Initial Access: Not explicitly detailed (Likely vulnerability exploitation or compromised credentials leading to database access).
- Persistence: Not specified.
- Privilege Escalation: Not specified.
- Defense Evasion: Not specified.
- Credential Access: Not specified (No mention of credential theft, but access to application databases was achieved).
- Discovery: Not specified.
- Lateral Movement: Not specified.
- Collection: Focused collection of PII records associated with 2.28 million user accounts.
- Exfiltration: Data was compiled into a 1.2 GB archive and published on a hacking forum for free download.
- Impact: Public exposure of sensitive PII, enabling phishing and sextortion campaigns.
## Impact Assessment
- Financial: Estimated costs unknown.
- Data Breach: 2.28 million user records exposed. Data included: Real names, Email addresses, City, State, ZIP information, IP