A screenshot from the blog of Plenty of Fish CEO Markus Frind
(WEB HOST INDUSTRY REVIEW) — A very strange story emerging over the last few days has one of the Internet’s largest dating sites racing to patch vulnerabilities following an attack, while the alleged perpetrator of the hack attempts to refute claims of extortion.
According to reports released this week, Plenty of Fish, one of the largest dating sites on the web, was hacked last week, as revealed by a blog post made by the site’s creator and CEO, Markus Frind.
A Globe and Mail report says Frind claims the attack was made by Argentinian hacker Chris Russo, who claimed responsibility for the attack on bit torrent tracking site The Pirate Bay last year.
In his posts, Frind says he believes emails, usernames and passwords were all downloaded during the sophisticated and well-planned attack. “345 accounts were successfully exported,” says Frind in a post, which dates the attack as having occurred on January 18.
Frind’s postings also say Russo approached him in an effort to extort money from the site’s operators – the apparent motivation behind the attacks.
In an article published this week, the Financial Post newspaper says it was emailed by Russo, who claims he never made any attempt to extort money from the site. Russo says, according to the report, that he contacted Frind on January 21 to inform him of vulnerabilities in the Plenty of Fish website.
Russo claims the vulnerability was fixed, and that the company thanked him for pointing out the flaw and remained in contact, expressing a possible interest in hiring him for more security work on its platform.
Afterward, says Russo in his letter to the Financial Post, Frind threatened him and suggested he might take legal action.
At this point, the matter does not appear to have been taken into the legal arena at all, a fact that, as the Post article points out, further muddies the waters around the accusations.
The article also points out that, while Frind suggested in his original blog post that Russo claimed to have hacked into eHarmony.com, a representative of that company told the paper that none of its user data had been compromised.
In a post on his blog, former Washington Post security blogger Brian Krebs says Russo contacted him on January 19 about the vulnerabilities in the Plenty of Fish platform, and demonstrated those vulnerabilities to him.
About Liam Eagle
Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders gives him an uncommonly broad appreciation of the issues and tends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle
No related posts.
