Bumble, Match Group, and CrunchBase hit by cyberattacks
What's the story
A wave of cyberattacks has targeted Bumble Inc., Panera Bread Co., Match Group Inc., and CrunchBase Inc. The attacks were carried out by a group calling itself ShinyHunters. Bumble Inc., the parent company of dating apps like Bumble and Badoo, confirmed that one of its contractor's accounts was recently compromised in a phishing incident.
Network breach
Hacker gained unauthorized access to part of Bumble's network
The hacker gained unauthorized access to a small part of Bumble's network, but the company believes the access has ended. Notably, the attack didn't compromise Bumble's member database, member accounts, application direct messages or profiles. The company has since contacted law enforcement about the incident and is working with cybersecurity experts to investigate it further.
Data breach
Panera Bread's data storage software accessed by hacker
Panera Bread also confirmed a cybersecurity incident and has alerted authorities. A hacker gained access to a software application that the restaurant chain was using to store data. The company said that the data involved in this breach is contact information. However, further details about the extent of the breach or what specific information was accessed have not been disclosed yet.
User data breach
Match Group confirms limited user data breach
Match Group, the parent company of Tinder and other dating apps, also confirmed a cybersecurity incident. The company said that a limited amount of user data was affected in the attack. But it stressed that there is no indication that user login credentials, financial information or private communications were accessed by the hackers.
Information
CrunchBase's corporate network documents affected
CrunchBase, a data provider website, also fell victim to the cyberattack. The company confirmed that documents on its corporate network were affected by the attack. However, it assured that the incident has been contained and further damage was prevented.
Attack details
ShinyHunters group claims responsibility for attacks
The ShinyHunters group has claimed responsibility for the attacks on Bumble, Panera Bread, Match Group, and CrunchBase. Mandiant, a cybersecurity company owned by Google, recently warned about the ShinyHunters campaign. The firm revealed that the group used novel "vishing" techniques to compromise single sign-on credentials from victim organizations and remotely access their systems.