It has emerged in the last week that some of the details of users of the eharmony website have been obtained without authorisation, however this does not apply eharmony UK customers. The supposed hacking relates to US users and only a small minority of those who have used the eharmony advice service located at advice.eharmony.com.
It seems that a security expert who had tried to alert the owners of the site has been able to used a sophisticated SQL injection technique to obtain user passwords and other information from the advice arm of the site. Although there seems to be no need for eharmony UK users to worry, if you do want to be asure that your account has not been compromised a simple password change should make sure that your account remains secure, as the vulnerability has been noted and patched by the dating service.
Here is a press release from the company :
The security of our customers’ information is extremely important to us, and we do not take this situation lightly.
Some data was obtained without authorization from an ancillary informational site we operate, eHarmony Advice, which uses completely separate databases and web servers than eHarmony.com. From one eHarmony Advice database, the hacker obtained a file that included user names, email addresses and hashed passwords. User names and passwords are needed to gain access to the message boards on the eHarmony Advice site.
Please be assured that eHarmony uses robust security measures, including password hashing and data encryption, to protect our members’ personal information. We also protect our networks with state-of-the-art firewalls, load balancers, SSL and other sophisticated security approaches. As a result, at no point during this attack did the hacker successfully get inside our eHarmony network.
In addition, please note that there was very little overlap between the eHarmony Advice data obtained and the data that resides within other properties. We have taken appropriate steps to remedy the situation and have notified any potentially affected customers, who comprise an extremely small fraction of our total eHarmony.com user base (less than 0.05 percent).
We deeply regret any inconvenience this causes any of our users.”