Cyber Incident Victim: Match.com

Date: Jan 2026

Location: United States of America

Summary

A cyberattack targeting multiple companies including Match, Bumble, Panera Bread, and CrunchBase involved compromised contractor accounts through phishing and vishing tactics attributed to the ShinyHunters group. The attackers accessed limited user data such as contact information but did not obtain login credentials, financial details, or private communications. Mandiant identified the campaign as utilizing novel social engineering techniques to breach single sign-on systems, enabling unauthorized access to SaaS environments for data theft. The group demanded extortion payments, though affected organizations contained the incidents and notified law enforcement without confirming ransom demands.

Description

In January 2026, Match Group Inc. experienced a cybersecurity incident involving unauthorized access to a limited portion of its systems. The breach occurred on January 16, though the exact duration of access and full timeline of attacker activities remained unspecified. Match confirmed the incident compromised a "limited amount of user data" but explicitly stated there was no evidence that user log-in credentials, financial information, or private communications were accessed. The company initiated customer notification procedures following the discovery, though the specific method or timeline for these notifications was not detailed in public statements. Match did not disclose the exact nature of the compromised data, the number of affected users, or the specific systems initially breached. Law enforcement was engaged in response to the incident, though no further details regarding investigative collaborations were provided.

The incident formed part of a broader campaign attributed to the threat actor group ShinyHunters, which cybersecurity firm Mandiant linked to a series of social engineering attacks targeting U.S. companies. Mandiant’s analysis revealed the group employed novel "vishing" (voice phishing) techniques to compromise single sign-on credentials, enabling remote access to victim networks. After initial infiltration, attackers reportedly pivoted to software-as-a-service environments to exfiltrate sensitive data. ShinyHunters claimed responsibility for breaches at Match, Bumble, Panera Bread, and CrunchBase, though Match did not publicly confirm the attribution. The group allegedly issued extortion demands to some victims, though Match declined to comment on whether it received such demands. The operational impacts on Match’s services, if any, were not disclosed, and the company did not specify whether third-party contractors or supply chain vulnerabilities contributed to the breach. Match’s cessation of the unauthorized access implies that containment measures were taken, but no technical specifics were given regarding system remediation or enhanced security protocols implemented post-incident.