Friday, February 11, 2011
eHarmony Advice hacked in June 2009
It seems it was circulating between black hat hackers (the bad ones) a rumour about how to hack PlentyOfFish, eHarmony and other online dating sites.
Some white hat hackers (the good ones) received that information and decided to prove if that was true.
It takes nearly 4 seconds to download the info from a profile using SQL injections, 15 profiles per minute, and 900 per hour.
21,600 per day, and 1,388 days to download a 30 million profiles database (3.8 years)
It also seems several online dating sites, like PlentyOfFish and eHarmony HAD BEEN ALERTED IN ADVANCE, during 2009 about security holes, but they had not paid the attention it deserved.
See also from June 2009
"eHarmony is in big trouble: Have spammers hacked eHarmony Advice?"