ShinyHunters, a known cyber hacking group, allegedly added 30GB of data stolen from Bumble to its dark website on January 29, infiltrating the company’s Google Drive and Slack channels.

The attackers claimed it was easy to orchestrate the attack by compromising cloud services and using phishing techniques to hack Bumble group lists, known as Hives. Thousands of internal documents were obtained, including from a contractor’s account which had low level privileges.

More company data was exposed than personal information as the hacking group targeted privileged accesses of employees, contractors and business operations. IT professionals swiftly acted to detect and contain the incident, preventing “member data, the Bumble application, or member direct messages or profiles” from being exposed. 

“Our InfoSec team rapidly eliminated the access, and the incident is contained. We have engaged external cybersecurity experts and notified law enforcement. Importantly, there was no access to our member database, member accounts, the Bumble application, or member direct messages or profiles,” a Bumble spokesperson told Cybernews.

Bumble is a widely used dating platform with over 40 million active users and hundreds of millions of downloads globally. 

 

Also in the news:

Default ThumbnailThailand drafts rules on biometric SIM registration Default ThumbnailFake discount warning to shoppers ahead of Black Friday International Fraud Awareness Week reminds us of the mission