A threat actor has allegedly leaked over 85,000 user records from MeetNChill, a popular global social networking and dating platform. The claims were made on a dark web forum, where the threat actor posted what they claimed to be a database containing sensitive user information, including private messages, contact forms, device tokens, and account details.
According to the forum post, the exposed data includes unique chat room identifiers, user IDs, private text conversations, and shared media files such as images and videos. The threat actor also claimed that users’ phone numbers, email addresses, and read/unread message statuses were part of the leak, alongside timestamps for chat activity.
Further allegations suggest that user-submitted contact forms, containing names, emails, and inquiry details, were compromised. The threat actor claimed that device information, including device IDs, tokens, and OS types, was also exposed.
The most concerning claims relate to user accounts. The threat actor alleged that registered email addresses, usernames, full names, gender, date of birth, and location data were part of the breach. They further claimed that some passwords were stored in plaintext, while others were hashed with potentially weak encryption.
The dark web post includes samples.
