Coffee Meets Bagel (CMB), a dating platform with a focus on connecting individuals interested in serious relationships, recently found itself at the center of a cyberattack that resulted in a worldwide outage. The platform, known for its unique approach to online dating, suffered an extended disruption that left users unable to coordinate dates and engage with their matches.
CMB has now confirmed that the outage, which occurred last week, was the result of a malicious breach of their systems. In an official statement, the company revealed that an external actor had deliberately deleted company data and files, causing their production servers to malfunction. In response to the incident, CMB took prompt action to restore a secure environment for its technology team and reported the attack to law enforcement authorities.
However, critical details regarding the nature of the attack remain undisclosed. It is unclear whether the attackers used ransomware to encrypt and render data unusable or if they intentionally deleted data to disrupt the service. BleepingComputer, a technology news and support platform, reached out to CMB for further clarification on the attack but did not receive a response.
While CMB has managed to bring its service back online as of September 3rd, it has taken measures to compensate affected users for the inconvenience caused. Users can expect extensions on their chat and subscription durations, with chats extended by seven days and subscriptions by 14 days. Additionally, for those who had been members for two weeks before the outage, CMB is offering 1,000 free beans, a virtual currency used within the platform. Users who sent Discover Likes or flowers to their matches on August 27th will find additional items in their profiles, and those who boosted their profiles will receive an extra boost when the Boost system returns online.
To alleviate concerns that users might feel they were ghosted during the outage, CMB assured its user base that the platform was inaccessible to everyone during the disruption period. However, to regain access to their accounts, all users are required to log back into the system, as the company automatically logged them out at the time of the attack.
Notably, this is not the first time Coffee Meets Bagel has been targeted by cybercriminals. In 2019, on Valentine's Day, the company disclosed a data breach that exposed user email addresses and names, indicating a prior vulnerability in their security infrastructure.
The recent cyberattack serves as a stark reminder of the persistent threats faced by online platforms and the importance of robust cybersecurity measures. While CMB has addressed the breach and taken steps to compensate users for the disruption, it underscores the need for all online services to continuously prioritize security to safeguard user data and trust.
A Data Breach is a situation in which information security has failed, enabling sensitive data of any kind to be accessed by unauthorized individuals despite whatever protections were in place. Data breaches have become a particular concern in recent years because such stolen data is often subsequently distributed widely, in particular on the dark web, where it is often aggregated and sold for illicit activity, identity theft, or further cyberattacks of various kinds.