Coffee Meets Bagel reports massive data breach on Valentine’s Day

Millions of people who use the dating app Coffee Meets Bagel woke up on Valentine’s Day to some unsetting news: their personal information had been compromised.

Coffee Meets Bagel reported a massive data breach affecting “approximately” six million users Thursday. That news of the hack just so happened to coincide with Valentine’s Day is a fittingly cruel twist for the service that purports to be about making “authentic connections.”

“With online dating, people need to feel safe. If they don’t feel safe, they won’t share themselves authentically or make meaningful connections,” the company said in a statement. “We take that responsibility seriously, so we informed our community as soon as possible—regardless of what calendar date it fell on—about what happened and what we are doing about it.”

Coffee Meets Bagel sent out emails alerting users of the data breach Thursday morning, saying it first learned of the hack just days before.

“On February 11, 2019, we learned that an unauthorized party gained access to a partial list of user details,” the company wrote. “The affected information only includes your name and email address prior to May 2018. As a reminder, we never store any financial information or passwords.”

The company didn’t comment on who was behind the hack, or when it took place.  In a statement, the company said “this was part of a larger breach affecting 620 million accounts that got leaked across sixteen companies.” The Register reported Monday that account information for more than 620 million accounts was for sale on the dark web. Coffee Meets Bagel was one of 16 websites named. 

In its email to users, the company said it has hired forensic security experts to investigate internally and that it is conducting audits with its third-party vendors.