X

Hackers steal passwords from military dating site

LulzSec comes back with data dump from site for single military officers.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
See full bio
Elinor Mills
2 min read
Hackers expose e-mail addresses, passwords, and other data they said comes from dating site Military Singles.com.
Hackers expose e-mail addresses, passwords, and other data they said comes from dating site Military Singles.com.

Hackers broke into the database for a military dating Web site and stole passwords, e-mail addresses, and other information from nearly 171,000 accounts, according to a post on the Pastebin site this weekend:

"The website http://www.militarysingles.com/ was recently closed day ago or so, so we dumped email db," the hackers said in their post. "There are emails such as @us.army.mil ; @carney.navy.mil ; @greatlakes.cnet.navy.mil ; @microsoft.com ; etc.."

So-called "data dumps" are a common occurrence, but what makes this one notable is that the group is using the names "LulzSec" and "LulzSec Reborn." The FBI announced the arrest three weeks ago of alleged key members of the LulzSec group of hackers who had taunted government agents and harassed government contractors and other corporations by attacking their sites and stealing data since last year. The group was reportedly brought down by one of their own, known as "Sabu," who had apparently been working as an informant since last summer when he pleaded guilty to computer hacking conspiracy and other charges.

Related stories

The group took credit for attacks on sites belonging to Sony, PBS.org, the U.S. Senate, CIA, Arizona sheriffs, and others before announcing last June that they were calling it quits following a 50-day hacking spree. Their retirement was short lived though, as hackers using the LulzSec name continued their seige on law enforcement and corporate sites.

Representatives from ESingles, which operates the dating site, did not respond to an e-mail seeking comment today. However, the firm commented on an article about the breach on DataBreaches.net:

We at ESingles Inc. are aware of the claim that someone has hacked MilitarySingles.com and are currently investigating the situation. At this time there is no actual evidence that MilitarySingles.com was hacked and it is possible that the Tweet from Operation Digiturk is simply a false claim.

We do however take the security and privacy of our members very seriously and will therefore treat this claim as if it were real and proceed with the required security steps in order to ensure the website and it's database is secure. Admin, MilitarySingles.com

To which DataBreaches.net responded, saying: "I compared the database in the .rar file to the 'online members' pictured on your home page and the entries in the data dump correspond to those usernames."

Meanwhile, the photos of singles on MilitarySingles.com were not being displayed this afternoon, replaced with this wording: "Error: Slideshow data cannot load due to security issue."

Updated 4:08 p.m. PTWith ESingles comment on DataBreaches.net report.