Cupid Breaches Privacy of its 254,000 Australian Members
By Athena Yenko | June 26, 2014 5:03 PM EST
Cupid Media Pty Ltd (Cupid) is found to have breached the Privacy Act 1988 as it exposes personal information of its 254,000 Australian Cupid site users.
Cupid, which operates 35 niche dating web sites, failed to take proper actions to secure and protect its members' information. Investigations found that the site was hacked in January 2013 and hackers were able to gain access to member's personal information that includes full name, date of birth, email addresses and passwords.
According to Commissioner Timothy Pilgrim businesses are expected to observe due diligence in keeping information security.
"This case highlights the importance of organisations conducting ongoing testing and maintenance of security systems to minimise the risk of a hack succeeding, and to ensure they are able to respond quickly if one occurs. Cupid's vulnerability testing processes did allow it to identify the hack and respond quickly. Hacks are a continuing threat these days, and businesses need to account for that threat when considering their obligation to keep personal information secure," Pilgrim said in a statement.
It was found out that Cupid was negligent as it did not have password encryption processes in place, hence, hackers were able to gain access conveniently.
"Password encryption is a basic security strategy that may prevent unauthorised access to user accounts. Cupid insecurely stored passwords in plain text, and I found that to be failure to take reasonable security steps as required under the Privacy Act," Pilgrim explained.
The investigation had also found that Cupid did not permanently de-identified personal information that is no longer required.
"Holding onto old personal information that is no longer needed does not comply with the Privacy Act and needlessly places individuals at risk. Organisations must identify out of date or unrequired personal information and have a system in place for securely disposing with it," Pilgrim noted.
Pilgrim is also calling all users of dating sites to regularly change password and update privacy settings of their accounts.
"I would also remind consumers using internet dating sites to regularly update your privacy settings, change your passwords and be careful about the personal information you share. You don't want to become a victim of identity theft or a scam."
To contact the editor, e-mail:
Most Popular Slideshows
- Top 5 Richest Tennis Athletes
- Angelina Jolie & Brad Pitt Heads to Malta For New Movie After A Whirlwind French Wedding [PHOTOS]
- 2014 US Open Update (Day 4 - Men's Singles): Murray, Djokovic, Raonic and Isner Advance to 3rd Round [PHOTOS]
- Kate Middleton’s Mom Accused Of Being A Social Climber, Prince George Not Seen By Relatives
Join the Conversation
- Centerplate CEO Des Hague Caught Abusing Dog In Vancouver Building Elevator [VIDEO]
- Boyfriend's Welcome Home Tribute In Candles Destroys His House
- 'Boob Aid': Japanese Porn Stars 'Excited' For 24HR Breasts Squeezing Charity
- The Most Insane Facts About The American Civil War That You May Not Know
- Viral Video Kevin Droniak Grandma: Teenager Shows Grandma Their Videos Together, Grandma Gives Priceless Reaction
- Apple iWatch is iPhone 6 Accessory on Sept 19 Release Date: 6 Confirmed Specs & Features
- iPhone 6 Release Date Update: 4.7-Inch Model Scores 65.8% In Screen-To-Size Ratio; A Surprise Entry Scales Top Spot [List Attached]
- Canada Vs Russia War Erupts Via Twitter on Russia-Not Russia Maps
- Product Recall Alert: Hewlett-Packard Pulls Out 6M Power Cords from US, Canada Over Fire Hazard Concerns, Australia Also Affected
- ISIS Wants $6.6M and Release of Aafia Siddiqui in Exchange of Head of Female US Humanitarian Aid Worker, 1st American Fighting for Jihadis Dead
- Ukraine Ceasefire Looks Remote As Putin Talks Tough At Meeting With Poroshenko
- Windows 9 To Include Interactive Live Tiles and Notification Center in Metro 2.0