Dating service Match.com users at risk
Posted by: Timothy Weaver on 04/20/2015 09:11 AM
[
Comments
]
Millions of passwords are being exposed on the dating website Match.com.
The dating website is using HTTP instead of the secure HTTPS. This would allow anyone to steal the username and passwords of users logging into the site.
A thief could use a man-in-the-middle attack to steal the data by logging into the same Wi-Fi network as the victim, such as in a cafe.
Discovered by a reader of Ars Technica, they state: "Had Match.com followed basic security practices and properly enabled HTTPS on the login page, the entire session would have been unintelligible to all but the end user and connecting server."
According to data published by Statistic Brain in March claims Match.com has over 21.5 million members worldwide.
Match.com is part of the Match Group, which includes OKCupid and smartphone dating app Tinder, and is owned by US media company InterActiveCorp.
Source: IBTimes.uk
The dating website is using HTTP instead of the secure HTTPS. This would allow anyone to steal the username and passwords of users logging into the site.A thief could use a man-in-the-middle attack to steal the data by logging into the same Wi-Fi network as the victim, such as in a cafe.
Discovered by a reader of Ars Technica, they state: "Had Match.com followed basic security practices and properly enabled HTTPS on the login page, the entire session would have been unintelligible to all but the end user and connecting server."
According to data published by Statistic Brain in March claims Match.com has over 21.5 million members worldwide.
Match.com is part of the Match Group, which includes OKCupid and smartphone dating app Tinder, and is owned by US media company InterActiveCorp.
Source: IBTimes.uk
Comments
