Plentyoffish dating forums are a place to meet singles and get dating advice or share dating experiences etc. Hopefully you will all have fun meeting singles and try out this online dating thing... Remember that we are the largest free online dating service, so you will never have to pay a dime to meet your soulmate.
     
Show ALL Forums  > Plentyoffish Site/Suggestions/Help  > Site Hacked? Usernames/Passwords/Emails Stolen?      Home login  
 AUTHOR
 fnord
Joined: 10/30/2007
Msg: 1
Site Hacked? Usernames/Passwords/Emails Stolen?Page 1 of 2    (1, 2)
Tech Crunch has an article up today about POF having been hacked.

http://techcrunch.com/2011/01/31/plentyoffish-ceo-we-were-hacked-almost-extorted-so-i-emailed-the-hackers-mom/

If it's true, then it's highly irresponsible that POF hasn't put up an announcement on the front page (or anywhere, for that matter).

And here's the POF blog post:

http://plentyoffish.wordpress.com/2011/01/31/plentyoffish-hacked/
 FrankNStein902
Joined: 12/26/2009
Msg: 2
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 10:24:04 AM

If it's true, then it's highly irresponsible that POF hasn't put up an announcement on the front page (or anywhere, for that matter).

And here's the POF blog post:

Oh the irony.

Complaining that they have not put up any announcement and then providing a link the owners blog post addressing the issues.
 fnord
Joined: 10/30/2007
Msg: 3
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 10:41:51 AM
Except that there has been no mention ON the site. And the blog post plainly says, "This is not a statement from Plentyoffish, i’ll post something in the morning." So the site owner didn't think it was important to notify the users until this morning (which still hasn't happened, btw), but did find it important enough to go off on a crazed diatribe on his personal blog.
 fnord
Joined: 10/30/2007
Msg: 4
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 10:44:53 AM
It should also be noted that, despite claiming to have plugged the security hole, POF is still sending out passwords in plain text. Which is just this side of just posting them on the Internet for everyone to see.
 QuasarDJ
Joined: 7/10/2010
Msg: 5
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 11:20:39 AM
Sending out passwords in plain text has been my chief complaint to them for several months now. Why even send it out in every weekly update? If I forget my password, then perhaps something should be put in motion to reset it, but there is no reason for it to ever be sent in email.
 Irish Eyez
Joined: 12/30/2008
Msg: 6
view profile
History
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 11:26:46 AM
Here it is again on globe and mail. ( Canada )

http://www.theglobeandmail.com/news/technology/tech-news/biggest-online-dating-site-plenty-of-fish-hacked-says-ceo/article1888893/
 ferruginous
Joined: 12/16/2009
Msg: 7
view profile
History
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 11:37:51 AM
This story is getting quite bizzare.

Was Plenty Of Fish actually hacked, as the site's owner is claiming?
or
Did someone simply attempt to point out securtiy holes in the site, and were then attacked with irrational accusations by the site's owner?

Either way, it seems that any personal info of yours, that this site has, is likely not safe.


More reading material here:
http://grumomedia.com/plenty-of-fish-hacked-chris-russos-explains-how-he-did-it/

http://krebsonsecurity.com/2011/01/plentyoffish-com-hacked-blames-messenger/
 FrankNStein902
Joined: 12/26/2009
Msg: 8
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 12:43:57 PM

Sending out passwords in plain text has been my chief complaint to them for several months now. Why even send it out in every weekly update?

Maybe if you checked your most recent weekly emails from POF you would see that POF no longer send out passwords in the weekly emails.
 tommyb4
Joined: 11/6/2008
Msg: 9
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 12:44:41 PM
More than likely, the site owner is reacting the same way he has to every single user here that has tried to point out the flaws in this website. He deleted them, and then it 'didnt exist anymore' in his mind.
Unfortunately, he can not delete the news stories everywhere else that are now pointing these things out, so he is flailing around trying to point the finger at anyone but the one responsible.

Himself.

The behavior of a child.
 QuasarDJ
Joined: 7/10/2010
Msg: 10
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 12:49:34 PM
Maybe if you checked your most recent weekly emails from POF you would see that POF no longer send out passwords in the weekly emails.

Not true. My new auto-generated password was in the weekly email this morning. I just checked it & it IS there. You are mistaken. Last week, it was blank for one email. Then I received notice of a new auto-generated password. Then today the weekly email had that new email in it.
 tommyb4
Joined: 11/6/2008
Msg: 11
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 12:55:35 PM

Then I received notice of a new auto-generated password.


You can be sure that this was when they finally reacted to the breach. I don't know what the laws in Canada are, but I imagine the time is ticking for PoF to send an official notice to its users.

This site collects money from users as well, I imagine this delay in informing its users will run foul of many online banking notification requirements. No doubt, whoever it is that collects the money for the 'subscriptions' here will have serious problems with doing business with this site.

All around, its being handled about the worst possible way by the site owners.
 bodypro8ra
Joined: 1/24/2011
Msg: 12
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 2:12:58 PM
Facebook is supposed to be porous as well and full of viruses. That's popular folklore. I try not to think too much about these things. My password is weak but easy to remember. I guess I'll be sorry. One of these days.
 ~breathlesshush~
Joined: 4/25/2006
Msg: 13
view profile
History
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 2:24:39 PM
I read Markus' blog and a few of the news reports about this. What concerns me is why hasn't he addressed it here? People have a right to know if their private information has been stolen.

The longer he waits, the worse it looks in my opinion.

Edit to add: My matches email sent today did NOT contain my new password. It did say "Remember your password is: . " There was nothing there but a period.
 BigFish
Joined: 3/27/2001
Msg: 14
view profile
History
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 2:29:35 PM
We only know for sure some 300 accounts where accessed.

Mass emails are being sent out.

Its not just us he was trying to extort other paying sites. Its only a matter of time before they have to make public statements.
 davidhume42
Joined: 1/3/2011
Msg: 15
view profile
History
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 2:31:29 PM
Yeh, I made a post about the incredibly amateurish security on PoF not even three weeks ago and my thread was purged. Not closed, but completely removed.

People have been complaining about the password issue here for years and nobody at PoF gives a shit.

The security hole that was used to access the database was a known vulnerability. It is more than likely that other parties have been exploiting that security hole for quite awhile. It is best to assume at this point that multiple parties have access to every piece of data on this site.

The CEO's blog post sounds like a child's whining. Try and pass the blame for their incompetence by blaming someone else for their shortcomings.




There are enough Plain Text PW threads in existence that can be easily found using the Thread Search tool. Where possible given time and resources, redundant threads are either closed or removed, regardless of subject matter - Read the posted rules and inform yourself before making unfounded assertions and assumptions regarding cover ups - If this were the case then this thread would have been flushed as well.





 QuasarDJ
Joined: 7/10/2010
Msg: 16
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 2:33:50 PM

Edit to add: My matches email sent today did NOT contain my new password. It did say "Remember your password is: . " There was nothing there but a period.


That's what mine did last week, but this morning it had my new auto-generated password in the email, once again.
 tommyb4
Joined: 11/6/2008
Msg: 17
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 2:48:23 PM

Its not just us he was trying to extort other paying sites. Its only a matter of time before they have to make public statements.


I call BS on this. Are you honestly saying, a person who gave you his full name is trying to extort you? Not only that, he gave his full name, along with this story to a reporter? All this time you are the one hiding and keeping your customers in the dark as to what happened. Most all of them are finding this out from OTHER sites who are printing this story.

Yeah, right. Im sure to take what you say as nothing but further deception.

The 'other' guy might very well be a moron and fool, but his personal failings have NOTHING to do with the fact that you have been ignoring, and ACTIVELY DELETING the posts of anyone who points these flaws out in the message board for YEARS.

The issue is your security failings, period. I don't care if a 12-yr old clown is the one who finally pointed it out, for you to finally take action that should have been addressed years ago.
 Skillset
Joined: 1/3/2008
Msg: 18
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 3:49:52 PM
I never understood this behaviour, despite the fact that people have been complaining about it for years. Just search this forum.

If you want to see some truly shocking displays of idiocy, look at some of the rationalizations people come up with for this site's policy of sending you plaintext password "reminders" every month or so.

Luckily, I use a unique password for PoF, knowing how exposed we are. Hopefully this jolts the site owners out of their complacency, but they still seem oblivious. Bizarre.
 brawnydog
Joined: 5/12/2006
Msg: 19
view profile
History
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 4:29:28 PM
two things there:
if you're on a dating site you shouldn't really be worried about a gal hacking
your gosh dang pof account.
and the other is don't look to the net for rationalization
 JustAGrlWthACat
Joined: 4/17/2010
Msg: 20
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 6:36:14 PM
I just saw this story on the 6:00 ctv news. And the guys trying to blackmail pof founder to return the info.
no links yet on the ctv site, probably because it's only 6:35, plus it's not a huge news maker.
 Softy63
Joined: 1/15/2011
Msg: 21
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 9:11:09 PM

Edit to add: My matches email sent today did NOT contain my new password. It did say "Remember your password is: . " There was nothing there but a period.


That's what mine did last week, but this morning it had my new auto-generated password in the email, once again.


The way I see this situation is this:

1/ If no password was given, thats a good thing right?
2/ Make your own password.
3/ Ignore the auto-generated p/w and make up your own.

4/ Adjust your mail settings to NOT receiving ANY mail from POF whatsoever.
5/ Matches are reputadely useless.......check all the complaints about them.....
6/ Change your password regularly (as is done in corporate environments.)

Lastly, REMEMBER your password. I can't believe the number of people who complain they can't find it. They are then given directions how to find it again, and then they complain it was sent to them.

Huh? You forget it, you want it, you're given it, you complain.

Remember it, write it down, change it weekly and hackers won't find you.

 DocElffington
Joined: 1/20/2009
Msg: 22
view profile
History
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 1/31/2011 9:18:36 PM
I'm amazed that you people ignore the fact that Markus is a mind-reading alien, stealing your every thought before cyou an ever express them!

Emails stolen???

C'mon! You know you weren't getting any responses to your "read, deleted" messages!

If anything, the cobwebs are now removed from your inbox!

I wonder if Markus ever feels like he's being portrayed as the Dr. Evil of the online dating site world??
 46AndNormal
Joined: 12/1/2010
Msg: 23
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 2/1/2011 4:11:37 AM
does it really matter ? at the end of the day no one is stupid enough to use their real personal email for any dating site , and if you did then more fool you , and lets face it unless you use a CC there isnt much they can get as you dont put your name and address when signing up for an account , and people know not to use the same password as they do for other personal stuff , so in my eyes if it was hacked why all the worry its not as if they have any personal information on you , except an email address which isnt a personal one .
 ferruginous
Joined: 12/16/2009
Msg: 24
view profile
History
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 2/1/2011 6:57:10 AM
Mass emails are being sent out.
When???

User's personal information was accessed on January 18th. It is now February, and there has not yet been any notice sent to users.

I certainly do not appreciate learning, through the media, that our information may have been stolen two weeks ago, and the POF was not interested in informing us during that time.
 FrankNStein902
Joined: 12/26/2009
Msg: 25
Site Hacked? Usernames/Passwords/Emails Stolen?
Posted: 2/1/2011 7:45:23 AM

User's personal information was accessed on January 18th. It is now February, and there has not yet been any notice sent to users.

Let me fix that for you.

~ 345 user's personal information was accessed on January 18th. It is now February,...

So maybe they are contacting those people first and for the rest of us it has zero impact.
Show ALL Forums  > Plentyoffish Site/Suggestions/Help  > Site Hacked? Usernames/Passwords/Emails Stolen?