Plenty of Fish website hacked and is now called ‘”Plenty of Passwords”
Plenty of Fish – a leading online dating site – it now being referred to as “Plenty of Passwords” after it violated a security 101 rule: storing user passwords as plain text rather than in encrypted form. According to the latest news, only 345 member accounts were stolen, however it’s a sad reminder that companies’ Web sites are often the low hanging fruit entry point for data theft. With a user base of over 17 million, the lack of security enforcement is all the more shocking.
And there’s been almost more scandal on how the company has handled the hack as much as the hack itself. Rather than admitting the mistake, apologizing, and promising to do more (standard operating procedure in breach damage control) Plenty of Fish’s CEO, Markus Frind, posted a confusing personal account of the incident. He’s now being accused of disregarding the security and privacy of his customers by placing the blame on others.
CEOs take note: finger pointing only sullies your brand name more.
