A major data breach has hit Senior Dating, a matchmaking platform for users over 40, exposing sensitive personal information of more than 765,000 users. The breach was discovered after the database appeared on Have I Been Pwned (HIBP), a website that tracks data leaks.
The compromised information includes users' photos, email addresses, geographic locations, and personal details like drinking and smoking preferences. The breach originated from a vulnerability in Firebase, a Google-backed web development platform.
In a related incident, Ladies.com, another dating site owned by the same company, experienced a similar breach affecting nearly 119,000 users. Both websites have since been shut down following the incidents.
Security researchers identified disclosure notices for the breaches as early as February for Ladies.com and April for Senior Dating. However, the vulnerability remained unpatched for months until the data surfaced on HIBP in November.
Despite the scale of the breach and potential risks to users, the company has not offered credit monitoring services to affected individuals. The exposed data could put users at risk of identity theft and social engineering scams, as criminals may exploit personal information including email addresses, passwords, and location data.
The incident raises concerns about data protection practices in online dating platforms, particularly those serving older adults who may be more vulnerable to cyber fraud and scams.