ShinyHunters has leaked data of 2.28 million users of a dating website MeetMindful that includes real names, Facebook account tokens, email addresses and geo-location information.
ShinyHunters has shared the leaked date in a 1.2GB file as a free download on a publicly accessible hacking forum, according to a report in ZDNet.
“The content of this file includes a wealth of information that users provided when they set up profiles on the MeetMindful site and mobile apps,” said the report citing a cyber security research on Sunday.
The leaked data also includes body details, dating preferences, marital status, birth dates, IP addresses and Bcrypt-hashed account passwords.
The message on the website reads: “This website is using a security service to protect itself from online attacks.”
MeetMindful was founded in 2014.
For several MeetMindful users, the leaked data can be used to trace their dating profiles back to their real-world identities.
The data is still available for download on the public file-hosting site where it was initially uploaded.
Several hackers have been engaged in sextortion where they contact dating site users, threatening to expose their profiles to family unless they pay a ransom.
ShinyHunters has been involved in several data breaches recently, including allegedly leaking sensitive data of nearly 3.25 lakh users of Delhi-NCR based global cryptocurrency exchange and wallet, BuyUcoin, on the Dark Web.
ShinyHunters has also leaked 1.9 million (19 lakh) user records stolen from free online photo editing application Pixlr.
Three other Indian companies — e-marketplace ClickIndia, fintech startup for small business owners ChqBook and wedding planning website WedMeGood — were also breached possibly by the same hacker.