HQ/EMEAFind out how we can help your business
Popular online dating platform Coffee Meets Bagel suffered an outage last week after threat actors breached its systems and deleted company data.
The affected entity is a dating website dedicated to creating a platform where users can look for committed relationships instead of casual dating.
The Coffee Meets Bagel outage resulted in numerous cancelled plans.
The cyberattack against Coffee Meets Bagel became a worldwide issue as numerous users could not plan their dates since they could not communicate with their matches.
On the other hand, CMD confirmed that a breach disrupted their systems since the attackers deleted the company data that affected the production servers. Fortunately, the website assured everyone that they immediately re-established a secure environment for their tech team to restore their production services and contacted relevant law enforcement agencies.
As of now, Coffee Meets Bagel has yet to confirm the exact nature of the cyberattack. Hence, researchers could not speculate if it is a ransomware attack that could encrypt an entity’s data, making it useless. The only detail about the attack is that the threat actors deliberately deleted the data to take down its services.
CMB’s service is back online, and the company has extended chats by a week and subscriptions by 14 days. The company also provided 1,000 free beans to their new subscribers before the outage occurred.
Furthermore, their users who sent flowers or likes to their matches on August 27th will receive additional items in their profile. Any user who boosted their accounts will receive an extra boost in their shape once the platform’s Boost system becomes available.
CMB also addressed the concerns about unattended conversations and ghosted matches. They clarified that all couples suffered from the disruption; hence, no one is left hanging in their discussions.
The dating platform advises everyone to relog their accounts since CMB has automatically logged all users out of the system during the malicious incident.
The campaign has yet to reveal the true impact of the campaign. Therefore, user data and credentials are still in question and if it suffered compromise.
