ShinyHunters, a notorious cybercrime group known for its evolving attack strategies, has reportedly targeted popular dating platforms Bumble and Match in a recent data breach. Once primarily associated with ransomware campaigns, the group has increasingly shifted its focus toward data exfiltration and extortion, targeting large organizations and cloud-based infrastructures.
According to information shared with Cybersecurity Insiders, the attackers managed to steal internal company documents along with a limited amount of user-related data.
Bumble addressed the incident through an official press statement, assuring users that no member accounts or profile data were accessed during the breach. The company emphasized that sensitive user information is stored on a separate server protected by encryption, which prevented the attackers from gaining direct access to customer profiles. Bumble further stated that it is actively investigating the incident and working to strengthen its security controls.
Initial findings suggest that the breach was the result of phishing and vishing (voice phishing) attacks, techniques commonly used to deceive employees into revealing credentials or granting unauthorized access. These forms of social engineering bypass traditional technical defenses by exploiting human error. Adding credibility to these claims, a Telegram-based source alleged that ShinyHunters operatives gained access to files stored within Bumble’s official Google Drive environment, as well as internal Slack communications. If confirmed, this would indicate a compromise of internal collaboration tools rather than core production systems.
Match Group, the parent company behind major dating platforms such as Tinder and OkCupid, also acknowledged being affected by the incident. In a similar statement, the company confirmed that a limited set of user data was exposed. However, Match reassured users that critical information—including login credentials, financial details, and internal employee communications—remained secure and was not impacted by the breach.
While both companies have emphasized that the scope of the breach was limited, the incident highlights a broader trend in cybercrime. Threat actors are increasingly targeting cloud services and collaboration platforms, which often store sensitive internal documents and rely heavily on employee access controls. The attack also underscores the importance of robust cybersecurity awareness training, particularly in defending against phishing and vishing attempts.
As investigations continue, the breach serves as a reminder that even well-established digital platforms are vulnerable to social engineering attacks, reinforcing the need for continuous security improvements and employee vigilance.
Join our LinkedIn group Information Security Community!
