The security researcher Brian Krebs located a database containing email addresses post officeuh, codes accesss, names and dates of birth from the 42 million users of Cupid Media. Unfortunately, all passwords found by the researcher are in plain text.
The attack on Cupid Media was likely in January of 2013. At that time, the company told its members to reset their passwords. However, the incident was not disclosed to the general public.
The company's CEO, Andrew Bolton, told Krebs that when the breach was discovered, they hired a company to implement additional security measures, as well as encryption in passwords.
Bolton argues that many of the files in the database leaked by hackers are old, inactive or deleted. However, he promised that the company will further investigate the incident on the basis of this new information.
Of course, it should come as no surprise that many of Cupid Media's customers had very easy passwords. 1,9 million people used the code "123456" and 1,2 million used "111111".
The most popular non-numeric passwords are: "iloveyou", "lovely", "qwerty", "password", "AZERTY", "loveme", "aaaaaa", "MyLove", "iloveu" and "zxcvbnm."