OkCupid denies data breach claims following account compromises

11 Feb 2019

Image: OkCupid

Dating site OkCupid says it has not fallen victim to a data breach, despite users reporting account compromises.

Google last week announced it had implemented its machine-learning framework, TensorFlow, to help track down the trickier spam messages that may hit our Gmail inboxes.

Meanwhile, the saga of the EU copyright directive continues, as member states and lobby groups continue to argue over the exact parameters of the rules.

In other news, Germany’s competition watchdog has told Facebook it needs to re-examine its data collection practices, including tracking internet users that are not even members of the social network.

Read on for your fill of the latest enterprise news.

Dating site OkCupid denies security breach

A report from TechCrunch published on Sunday (10 February) says that a number of users of the online dating site OkCupid have had their accounts hacked using leaked or guessed passwords. The company said there has not been a security breach, adding that “all websites constantly experience account takeover attempts”.

Many security experts have noticed that OkCupid does not use two-factor authentication and it is far from the only website not implementing this extra security layer. Sites such as Match and eHarmony also only use single-factor authentication, which makes an account a much softer target for hackers.

Australian government authorities investigate an attempted hack

On Friday (8 February), the Australian parliament said that hackers tried to break into its computer network, which includes the email archives of lawmakers.

In a joint statement, presiding officers Tony Smith and Scott Ryan said: “Following a security incident on the parliamentary computing network, a number of measures have been implemented to protect the network and its users.”

All users had to change their passwords but the authorities say there is no evidence the data was accessed. ABC Australia says a foreign government could be the culprit.

FBI claims to have infiltrated and mapped a North Korean botnet

The FBI in the US has claimed to have infiltrated Joanap, what it claims is a botnet of hijacked computers operated by actors in North Korea.

According to Naked Security, the botnet was identified years ago, but authorities found a number of unprotected machines hosting the malware that underpins it. The botnet is apparently spread initially by this malware, which is dubbed Brambul.

Paul Delacourt of the FBI in Los Angeles said: “We urge computer users to take precautions, such as updating their software and utilising antivirus, in order to avoid being victimised by this type of malware.”

New Chrome extension helps protect your account from data breaches

Last week Google announced a new Chrome extension, Password Checkup, which will trigger a warning if the username and password you use is one of more than 4bn credentials that the tech giant knows is unsafe. If a credential pairing is deemed unsafe, it will show a warning.

Designed with cryptography experts from Stanford University, the extension will never learn usernames or passwords, or provide these to the company, Google said.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com