Cupid media dating network
Many people aren't vigilant about creating a different password for every site they log onto, which is why unencrypted passwords are so problematic.
"Even the most inept web companies usually use a cryptographic hash to represent user passwords," Chester Wisniewski, senior security adviser at Sophos, told NBC News in an email.
(The top non-numeric password was reportedly "iloveyou," followed by "lovely," "qwerty" and "password.") While Cupid Media says it only has 34 million users, the report claimed that the discrepancy between that number and the 42 million breached accounts could be attributed to the fact that "many companies have a habit of storing data on customers who are no longer active." Andrew Bolton, Cupid Media’s managing director, told Krebs that all of the company's affected users had been notified in January after the breach and that their passwords had been reset.
NBC News attempted to contact Cupid Media, but the company did not immediately respond.
More than 42 million plaintext passwords hacked out of online dating site Cupid Media have been found on the same server holding tens of millions of records stolen from Adobe, PR Newswire and the National White Collar Crime Center (NW3C), according to a report by security journalist Brian Krebs.
Cupid Media, which describes itself as a niche online dating network that offers over 30 dating sites specialising in Asian dating, Latin dating, Filipino dating, and military dating, is based in Southport, Australia.
Our user-friendly site designs, multilingual interfaces and language translation tools break down the traditional barriers faced by people when looking for love, whether it be next door or halfway across the world.We are committed to helping you find the perfect match no matter where they are.Our membership base is made up of thousands of beautiful women from Russia, Eastern Europe, Asia, Latin America and Africa looking for men just like you!Krebs contacted Cupid Media on 8 November after seeing the 42 million entries – entries which, as shown in an image on the Krebsonsecurity site, show unencrypted passwords stored in plain text alongside customer passwords that the journalist has redacted.Cupid Media subsequently confirmed that the stolen data appears to be related to a breach that occurred in January 2013.