Advertisement
National

Dating website privacy breach

ABC
Jun 25, 2014, updated Jun 25, 2014

An online dating company has been found in breach of privacy laws after hackers accessed the personal information of about 245,000 of its Australian users.

Australian Privacy Commissioner Timothy Pilgrim found Cupid Media breached the Privacy Act by failing to take reasonable steps to secure data held on its websites.

Cupid operates more than 35 niche dating websites such as ChristianCupid, MilitaryCupid, SingleParentLove and other sites based on ethnicity, religion and location.

Hackers gained unauthorised access to Cupid webservers in January last year and stole the personal information of the Australian Cupid site users.

It included full name, date of birth, email addresses and passwords.

Commissioner Pilgrim said the investigation found that at the time of the incident, Cupid did not have password encryption processes in place.

“Password encryption is a basic security strategy that may prevent unauthorised access to user accounts,” he said.

“Cupid insecurely stored passwords in plain text, and I found that to be a failure to take reasonable security steps as required under the Privacy Act.”

He said the incident also demonstrated the importance of securely destroying or permanently de-identifying personal information when it is no longer required.

Commissioner Pilgrim found Cupid had not done so.

“Holding onto old personal information that is no longer needed does not comply with the Privacy Act and needlessly places individuals at risk,” he said.

“Legally, organisations must identify out-of-date or unrequired personal information and have a system in place for securely disposing with it.

Businesses, customers must be vigilant: Pilgrim

“I would also remind consumers using internet dating sites to regularly update your privacy settings, change your passwords and be careful about the personal information you share.

“You don’t want to become a victim of identity theft or a scam.”

The commissioner said the company had cooperated with the investigation and had taken major steps to fix the problems.

He said businesses must remain vigilant about information security.

“Cupid’s vulnerability-testing processes did allow it to identify the hack and respond quickly,” he said.

“Hacks are a continuing threat these days, and businesses need to account for that threat when considering their obligation to keep personal information secure.”

The commissioner said the company had addressed the office’s concerns and it had closed the investigation.

Cupid has not yet responded to the ABC’s inquiries.

More National >
Elective surgery wait times longest on record
National

Elective surgery wait times longest on record

US to reduce licensing for Australia, UK
News

US to reduce licensing for Australia, UK

‘Stop buzzing about China’: Beijing slams defence plans
National

‘Stop buzzing about China’: Beijing slams defence plans

Australians arrested in global phishing sting
National

Australians arrested in global phishing sting

‘Disturbing’ gap between haves and have-nots
Finance

‘Disturbing’ gap between haves and have-nots

New national environment watchdog unveiled
National

New national environment watchdog unveiled

Coal, gas giants on notice over methane plume
National

Coal, gas giants on notice over methane plume

Woolies boss threatened with jail in Senate probe
National

Woolies boss threatened with jail in Senate probe

Wilkinson speaks after Lehrmann verdict
National

Wilkinson speaks after Lehrmann verdict

Stay informed, daily
A FREE subscription to The New Daily arrives every morning and evening.
Subscribe
The New Daily is a trusted source of national news and information and is provided free for all Australians. Read our editorial charter
Topics
The New Daily
Copyright © 2024 The New Daily.
All rights reserved.