Around four million Android users of Spanish-based dating app MobiFriends had their data stolen in a recent security breach.
According to security firm Risk Based Security, hackers gained access to log-in and personal data of some 3.7 million users, including date of birth, gender, website activity, mobile phone numbers, usernames and email addresses.
The data was discovered on a prominent hacking forum at the start of 2020, but it was traced back to a breach in January 2019.
Risk Based Security said that the breach was due to the MD5 encryption algorithm which was a lot less secure than alternatives.
Business emails were also found among the personal data stolen posing additional risk to these companies.
Overall, the firm noted that data exposed in breaches grew 273% quarter-on-quarter to 8.4 billion in Q1 2020, but incidents reported publicly were down 42%.
“The increase in records compromised was driven largely by one breach; a misconfigured Elasticsearch cluster that exposed 5.1 billion records. However, even if we аdjusted for this incident, the number of records still increased 48% compared to Q1 2019,” said Inga Goddijn, executive vice-president at Risk Based Security.
“Hacking exposed an average of approximately 850,000 records per breach and most breaches originated from outside the organization. We are continually finding that simply meeting regulatory standards or contractual obligations does little to actually prevent a breach from occurring.”