If you’re single on Valentine’s Day, you might be headed to a dating app like Coffee Meets Bagel to try and find a love of your own. Coffee Meets Bagel, however, isn’t sharing the love this Valentine’s Day — the company has announced to its customers that some of their data may have been breached.
In an email that was sent out to customers, the company warned that an unauthorized party had gained access to user data. It did not tell customers how many people were affected by the breach, but it did say that users who were using the app before May 2018 may have been affected. Coffee Meets Bagel did say that sensitive data like credit card numbers and passwords remained safe.
“As always, we recommend you take extra caution against any unsolicited communications that ask you for your personal data or refer you to a webpage asking for personal data,” said the company in its email. “We also recommend avoiding clicking on links or downloading attachments from suspicious emails.”
Unfortunately, the important details about the breach seem to be a little vague, but the company does say that it has engaged with forensic security to review how the breach may have occurred. According to a report from TechCrunch, the data breach may have included information like email address, age, name, and gender. It’s likely we’ll learn more about the breach in coming days and weeks — but whether you think you’re a part of the breach or not, we recommend changing your password. Really, that’s a good rule of thumb for anything — use different passwords for different services, and at the first sign of a possible issue, change that password.
The breach itself was reportedly discovered through a larger data dump of 617 million account details, which recently went up for sale on the Dark Web. The seller said in the listing that the databases came from MyFitnessPal, MyHeritage, Animoto, and others.
Coffee Meets Bagel is only the latest dating app to be breached. Earlier this week, it was reported that OKCupid had been hacked too. After the TechCrunch report about the breach, OKCupid denied that a security breach had taken place, which may mean that hackers could have accessed accounts through other means, like reused email/password combinations.