Monitoring The Dark Web & Discovering The Breach

As part of our continuous monitoring of 4000+ Surface, Deep & Dark Web Forums for data breaches, we discovered this data being traded early last week, while it has been openly published for public consumption on the 5th of August 2020.

The data contains 29,186,600 rows of user data and the hacker has suggested that the initial breach took place in January 2020.

Zoosk Data Breach Published on Dark Web Forums

Inside The Zoosk Data Breach

The data contains two tables:

User Table
id, first_name, last_name, user_nicename, user_email, email_status, user_status, widget_guid, sex, interested_in, relationship, birthday, location_id, latitude, longitude, zipcode, country, discoverable, user_activation_key, media_request_id, user_registered, last_login, lastdailable_flatched migrated, height, ethnicity, education, religion, politics, children, smoking, drinking, bodytype, income, pets, settings, currency_id, balance, provider_map, photo_source, photo_count, locale_id, timezone_id, source, is_remarketed_to, dscore, rscore, sscore

Tig Users Table
uid, user_id, sha1_user_id, user_pw, last_login, last_logout, online_status, failed_logins, account_status

General Recommendations

Even though passwords were not leaked, threat actors can use the email addresses to send spam, phishing emails, and launch other online scams.

So, as a rule of thumb:

• Use strong passwords.
• Enable multi-factor authentication for all your online accounts.
• Don’t open unsolicited email attachments and links, especially from senders you don’t recognise.
• Don’t share OTPs with third-parties.
• Review online accounts and financial statements periodically.
• Regularly update your apps and any other software you use.

The post Zoosk Data Breach Published on Darkweb Forum – 29 Million Users Impacted appeared first on ShadowMap.