Overview
- ShinyHunters claims to have posted more than 10 million lines of data tied to Hinge, Match.com and OkCupid along with internal documents.
- Match Group says it cut off the unauthorized access, is working with external experts and has begun notifying affected individuals.
- Investigators report the intruders leveraged a compromised Okta single sign-on account to reach AppsFlyer resources as well as Google Drive and Dropbox.
- AppsFlyer states its infrastructure was not breached and denies being the source of the exposure.
- Sample analyses describe advertising IDs, IP addresses, location data and Hinge subscription records, which researchers warn could fuel targeted phishing and doxxing.