Security Market Segment LS
×

Warning

JUser: :_load: Unable to load user with ID: 3653
Wednesday, 25 June 2014 16:47

Cupid Media breaks heart of Privacy Commissioner after users hacked Featured

By

An online dating company has been slammed by Australia's privacy commissioner after it breached privacy laws, with hackers accessing the personal information of about 254,000 Australians.

Australian Privacy Commissioner Timothy Pilgrim announced today Cupid Media breached the Privacy Act by failing to take reasonable steps to secure data held on its websites.

Cupid, based in Southport on the Gold Coast, is a niche operator in the Australian dating website market, running more than 35 niche dating websites such as ChristianCupid, MilitaryCupid, SingleParentLove and other sites based on ethnicity, religion and location.

Hackers gained unauthorised access to Cupid servers in January last year and stole the personal information of what was believed to be 42 million users across the globe.

This number included over 250,000 Australian Cupid site users, and the data stolen included their full name, date of birth, email addresses and passwords.

The Office of the Information Commissioner (OAIC) did not receive a data breach notification from Cupid Media, and only opened the investigation following media reports.

The investigation found that Cupid Media breached the Privacy Act by failing to take “reasonable steps” to secure users’ personal information.

“Password encryption is a basic security strategy that may prevent unauthorised access to user accounts. Cupid Media insecurely stored passwords in plain text, and I found that to be failure to take reasonable security steps as required under the Privacy Act,” Pilgrim said in a statement.

In 2013, the company did not have password encryption processes in place, and it was found Cupid Media also failed to destroy or de-identify the details of people who had left the site.

“Holding onto old personal information that is no longer needed does not comply with the Privacy Act and needlessly places individuals at risk. Organisations must identify out of date personal information and have a system in place for securely disposing of it,” Pilgrim said.

"Installation of malicious software (malware) detection and prevention software (including antivirus software) is a reasonably affordable security step that can assist organisations to prevent attacks by malicious hackers and the damage caused by malware," he said.

Pilgrim did note however that Cupid Media subsequently took a number “of remedial steps” including the adoption of password encryption following the breach.

The company also sent out notifications to all affected users and encouraging them to reset their passwords, and analysed server logs and tracked the hack method to ensure the breach had been contained.

Pilgrim's advice to Australians who use dating websites is to update their privacy settings regularly, change their passwords and “be careful” about the personal information they share online.

“You don’t want to become a victim of identity theft or a scam,” he said.

The Commissioner noted Cupid’s collaborative and cooperative approach in working with the Office of the Australian Information Commissioner (OAIC) during the investigation, as well as the significant remedial steps taken by Cupid in response to the data breach.

‘I encourage organisations to proactively notify the OAIC of a data breach so that we can work with them and assist with appropriate remediation if necessary’.

The OAIC has issued a data breach notification guide that outlines steps businesses and agencies can take to respond to, and mitigate the results of, data breaches.

For more information about how to recognise, avoid and report scams visit the SCAMwatch website.


Subscribe to ITWIRE UPDATE Newsletter here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments