Hackers have published the personal details of nearly 150,000 users of Muslim Match, a niche website that touts itself as a free online marriage service for followers of Islam.
A security breach suffered last week by the website exposed user information associated with 149,830 accounts on MuslimMatch.com, including usernames, email addresses and poorly-encrypted passwords, security researcher Troy Hunt revealed Wednesday.
Copies of the leaked trove have since become easily obtainable online, including a file containing roughly 790,000 messages sent between users, online magazine Motherboard reported. Those conversations range from small talk to religious discussions and marriage proposals, and appear to also include instant messages sent among the website’s users, according to the website.
“I’m interested to get to know you, as I am looking for a soul mate / wife, and hope that it will be you,” reads one of the leaked messages, as reported Thursday by IBTimes. “Please write to me and send me your photo please. I will tell you everything about myself too, and please don’t go by what is written in the profile. There are lots to tell you about. Life is too short to waste it without loving someone and be loved by someone.”
Muslim Match was launched in 2000 and describes itself as “the fastest growing Muslim marriage sites dedicated to delivering a 100% free marriage service.” The website was briefly offline Wednesday after its administrator was told of the hack, and has since updated its homepage to say its “taking a short break” during Ramadan, the Muslim holy month.
In reviewing the leaked dataset, Motherboard said its researchers were able to correlate private messages with specific accounts, as well as IP address information that suggests where users were located when they accessed the site.
The breach affects nearly 150,000 users worldwide, including in the U.K., Pakistan and U.S., Motherboard reported. The site administrator did not respond to Motherboard’s requests for comment.
Prior to the breach, Muslim Match’s website said it provided “a safe, secure, trusted Muslim matrimonial and pure matrimony service.”
One of the affected users, “Rook,” told Motherboard that he viewed the breach as “very scary.”
“There is so much intimate information placed on [this] website to begin with, when you are genuine about finding a perfect match,” the user said.
“It’s easy to imagine how this information could be abused if it fell into the wrong hands,” added Graham Cluley, a British security researcher who blogged about the breach Thursday.
Data stolen from dating website Ashley Madison last year was soon used as ammunition by extortionists and scam artists, leading to two Canadian law firms filing a $578 million class-action suit in response to the breach.