eHarmony

EXCLUSIVE: eHarmony Members’ Personal Information Accessed In Security Breach

eharmony

eHarmony has suffered a security breach which saw the personal information of their customers accessed.

Yesterday, eHarmony sent an email to users saying that “an unauthorised third party improperly accessed” member accounts and personal details.

The Santa Monica-based company said they had “recently learned” of the breach, which saw the following member information accessed: first and last names, email addresses, physical addresses, encrypted passwords, phone numbers and membership dates.

eHarmony said that no credit card data was accessed.

The international dating site has reset the passwords of affected customers.

We contacted eHarmony asking for clarification on the security breach, and while the UK team denied a comprise had occurred, the US team confirmed it, providing the following statement:

“Some eHarmony members’ passwords were recently reset due to a potential unauthorized access of accounts that was discovered and addressed immediately.  We are still investigating the situation but no financial information was accessed and those members who were impacted were notified right away. As always, eHarmony is committed to protecting the privacy of our members.”

We have asked eHarmony for further information regarding the breach, and will update the story if we receive more details.

Here is the email sent to eHarmony members:

From: “eHarmony Customer Care” <Customer_Care@eharmony.com>
Date: 20 November 2014
To:
Subject: Important Message From eHarmony
Reply-To: “eHarmony Customer Care” <userservices@eharmony.com>

Dear eHarmony Member,

Our members’ privacy and security is of the utmost importance to us. We, therefore, want to keep you informed of a situation that affected certain customer information.

We recently learned that an unauthorized third party improperly accessed some member accounts and information. The member information involved includes: member first names, last names (if provided), email addresses, physical addresses (if provided), encrypted passwords, phone numbers (if provided) and certain membership dates. eHarmony does not retain credit card data in any of our systems and no such data was accessed.

We are in the process of investigating this matter and do not currently have additional information related to this potential compromise.

As a precautionary measure and for your protection we have reset your eHarmony password. To access your account and change your password, please follow the instructions below:

Click on this link:
http://www.eharmony.com/singles/servlet/support/lostpassword

Enter your email address (associated with your eHarmony account) and your zip or postal code.

Note: You will receive password update instructions to your email address.

We advise you to create a strong password of at least 8 characters, composed of lowercase and uppercase letters, numbers and symbols. It’s wise to choose a different password for every website you use.

If you need help creating a new password or have additional concerns, please contact our Customer Care team. You can reach us via email, 24 hours a day, at passwordsupport@eharmony.com.

We apologize for any inconvenience or concern that this may have caused.

Regards,

Your eHarmony Customer Care Team