Manhunt Dating Website Suffers a Data Breach

Infosecurity Magazine reported this week that dating website Manhunt suffered a data breach. 

What Happened?

According to a data breach notice filed on April 1 with the Washington attorney general’s office, Manhunt was the subject of a data breach that occurred in February. Manhunt is a 20-year-old dating website. 

The hacker obtained access to the website’s main database, and after fraudulently logging in, they stole personal details belonging to Manhunt customers. 

The stolen information included full names, usernames, email addresses, and passwords to their accounts on the platform. 

How Did Manhunt Respond?

Upon learning of the data breach, on March 2, Manhunt forced a reset of all user passwords. According to the social networking/dating website, around 6 million men were affected by the data breach. Also mentioned in the breach notice, an unknown attacker had downloaded the data in February. The company posted this in their data breach notification, “On March 2, 2021, Manhunt discovered that an attacker gained access to a database that stored account credentials for Manhunt users.”

“The attacker downloaded the usernames, email addresses, and passwords for a subset of our users. We immediately took steps to remediate the threat and reset the passwords of affected users.”

Manhunt started notifying its customers last month to let them know about the breach. Roughly 7,714 Washington residents were affected by the incident. 

After the attack, Manhunt hired a third-party cybersecurity firm to investigate the matter further. They said, “to assist us in investigating what happened and confirm that there is no ongoing unauthorized access to our systems.”

Manhunt also assured customers that no profile data, pictures, or private messages had been accessed or downloaded. Since they do not store credit cards or bank account information, none of that was exposed either. 

What is Manhunt?

Manhunt is an all-male dating website and social networking platform where users can meet and interact before setting up an in-person meeting. The company has been in business since 2001. 

Self-described on the Google Play Store:

“MANHUNT is the most iconic gay social app for gay, bi, trans, and queer guys worldwide. Manhunt is the most direct way for men to meet other men. Being around since 2001 has allowed Manhunt to attract the older and wiser crowd of guys. Narrow your search based on interests, photo filters, and location. Chat with millions of men online now via your existing account or by creating a new one for free.”

How Can Manhunt Users Stay Safe?

In their official notice, Manhunt warns users to be on the lookout for phishing emails with any details from their account included. They also warn that threat actors could pretend to be Manhunt and email them for information or fraud. Manhunt never asks customers for their password or other private information. 

Other tips for users to stay safe are:

• Always turn on multi-factor authentication for your accounts.

• Secure your mobile device with biometric or PIN codes.

• Never reuse passwords on multiple websites.

• Always keep good, strong antivirus running on your devices.

• Never click links or download attachments in emails or text messages.

• Watch out for phishing emails (some look very legitimate).

• Verify everything before you visit a website or click anything.

• Do not share your personal information with anyone unless you know them well.

• Never share banking or credit card information online with someone you don’t know. 

• Change your password for all online accounts after a data breach.

• Monitor your credit cards, bank statements, and credit reports regularly. 

• Use common sense to watch out for fraud and other identity theft/social engineering tactics.