Online dating site Plentyoffish.com suffered a cyber-attack last week that compromised the users’ passwords, usernames and email addresses, according to a blog post by Plentyoffish CEO Markus Frind.
“This is a personal post about what it feels like to be hacked /extorted and the intense pressure and stress you are put under,” writes Frind on the Plentyoffish blog. “Plentyoffish was hacked last week and we believe emails usernames and passwords were downloaded. We have reset all users passwords and closed the security hole that allowed them to enter.”
According to Frind, the hacker is one Chris Russo, a resident of Argentina. The “well planned and sophisticated attack” took Russo two days to execute. Foolishly, Russo “didn’t even try to hide behind a proxy, signed up under his real name and executed the attacks while logged in as himself,” writes Frind.
Then it gets weird:
“At midnight Miami time my wife gets a call from Chris Russo that plentyoffish has been hacked into and that Russians have taken over his computer and are trying to kill him, and his life is in extreme danger and they are currently downloading plentyoffish’s database. Chris is trying to create a sense of panic….
“…A bit later I am on the phone with Chris as well. Chris tries to create intense sense of pressure and urgency, saying I have to either fly to Argentina or Washington DC so he can help me stop these attacks from the Russians. He says the Russians have complete access to everything including our bank accounts, and they want to steal about $30 million from a string of dating sites including ours.”
In subsequent conversations, Russo and his “business partner ‘Luca'” tried to convince Frind to hire them in order to keep the “Russians” from releasing the data. Frind then told them he needs their resumes — which they actually provided.
“Now we start thinking both of them are completely retarded,” says Frind. So, after threatening Russo and Luca with legal action, “I did the only logical thing,” says Frind, “I emailed his mother.”
Read the full account, including rebuttals from Russo in the comments section, who claims he was merely trying point out a security hole, at Frind’s blog.