Security

Photo Credit: PR, Screenshot - Meetup.com

Meetup.com emails compromised, users sent spam and malicious links

Meetup Trust & Safety Manager Jenn Louie says Meetup accounts were not compromised to his knowledge. - email passwords accesed from somewhere else


This past Monday, Geektime had received and verified several reports of compromised Meetup accounts being used to forward spam and other sorts of malicious messages to Meetup users.

Photo C4redit: Screenshot of message sent from compromised Meetup account

Photo C4redit: Screenshot of message sent from compromised Meetup account

 

In the screenshot above, a link, sent by an account belonging to a user’s contact, leads to a scammy/spammy article posing as a legitimate news piece – see below:

 

Photo Credit; Screenshot of  scam/spam article forwarded through compromised Meetup account

Photo Credit; Screenshot of scam/spam article forwarded through compromised Meetup account

 

The article includes a call to action to join some shady “Online Income program,” and reap the same benefits as part time super-earner-lady mentioned in the headline.

Nothing to see here, move along

Geektime reached out to Meetup for comment and received an email response from Jenn Louie, Meetup Trust & Safety Manager. Loui claims that Meetup recently discovered the issue and has reset email passwords for the affected accounts. Loui went on to explain that there were no indications of Meetup.com itself having been successfully breached in any way and no user information was compromised, to their knowledge.

It remains unclear exactly how many users were effected. Loui remains vague on this point referring to only a segment of Meetup users being effected.

Loui further speculates that a common practice of re-purposing emails for multiple sites may be what lead to the issue, in which case user email passwords would have been retrieved through a breach of some other unrelated site.

Loui’s explanation is comforting, until one considers the fact that for the offered explanation to hold water, it must allow for the the assumption that this other breached site just so happened to be populated with a bunch of Meetup users who, as it stands, haven’t been complaining about services of theirs being compromised all over the place – only Meetup – at which point it becomes a little less comforting.

The good news is, we may have been inadvertently exposed to a method of making $90K working part time while doing absolutely nothing! Just think of all the Meetups we can go to with all that extra time.

The full text of Meetup’s response can be found below:

“The safety and security of our platform is our highest priority, and we work vigilantly to ensure that our members are not affected by spam. Yesterday, through the course of our ongoing safety monitoring, we noticed messaging spam affecting a segment of our member base. We immediately investigated the matter and chose to reset the passwords for the accounts involved and alerted our members to additional safety precautions they could pursue to ensure the security of their accounts. 
 
Please know that Meetup has no indication of having been compromised. Our members’ financial information and credit card data is secure. We never share members’ password information. Members’ passwords always remain hidden even when logged into their Meetup account. 
 
We acknowledge that some Meetup members use the same usernames and passwords across multiple sites. We currently believe that what we are seeing is a direct result of usernames and passwords having been stolen from attacks on other major websites now being used to sign in to some Meetup accounts with the purpose of sending spam.
 
As a general safety precaution, we always like to remind our members of what they can do to continue to keep their accounts secure:
  • Regularly update and change your passwords 
  • Use unique passwords for your different accounts
  • Don’t use identical login information across multiple websites or services
  • Don’t click on links you aren’t familiar with, especially in messages from individuals you don’t know
If our members ever encounter a suspicious message on the Meetup platform, we encourage them to exercise caution and to report it immediately using the flag/ report button on site or by emailing [email protected]. We take every report seriously and review each one. These reports assist our active efforts to protect our members. “
 
– Jenn Louie, Meetup Trust & Safety Manager

Photo courtesy: WikiMedia Commons

Lists

Top 10 tech startups clicking in Cardiff and Wales

Older than the Great Pyramid and Stonehinge, Cardiff carries the startup banner for most of Wales


Photo courtesy: Pixabay.com

Lists

Top 10 tech startups bustling in Belfast Ireland

The capital and largest city of Northern Ireland, birthplace of the RMS Titanic, and high-tech companies all help startups prosper


Smiling young business woman in Seoul downtown, South Korea. Photo Credit: LeoPatrizi

Smiling young business woman in Seoul downtown, South Korea. Photo Credit: LeoPatrizi

Entrepreneurship

Amazon is scared of Korea. But here’s how foreign entrepreneurs can succeed

Hint: It takes a little more than knowing 'Gangnam Style'


Bitcoin Source: Getty Images Israel

Bitcoin Source: Getty Images Israel

FinTech

Fintech and blockchain – a new wave of startups in the making?

Despite its relative infancy, blockchain technology is quickly proving its worth


Photo courtesy: Pixabay.com

Lists

Top 10 tech startups making progress in Minneapolis

A financial center that anchors the upper Midwest, Minneapolis and St. Paul spawn serious startups


Industry
mexico

mexico pd cc0 pixabay

Socially-focused startups tackle rural Mexico’s energy problems

Mexican startup companies are turning on the lights and treating water in the country's most impoverished regions


Industry
lima

lima pd cc0 pixabay

Endless Lima traffic spawns innovative startups

Let's talk about Lima


Industry

New concept: Booking meeting rooms at the heart of Tel Aviv by the hour

Meet in Place is a new venture that will allow you to book meeting rooms for 2 to 30 people at an hourly-based rate. Price: from 98 ILS for a classic room with coffee, soda and WiFi connection


Industry

Beginnings and beyond: a snapshot of Cisco’s investments in Israel 

When it comes to Cisco's history in Israel, it's easy to let the numbers tell the story of growth


Health
medtech

Entering a growing market: considerations for entrepreneurs in the field of digital health

With a market estimated to be worth $140 billion and expected growth to more than $400 billion in 2025, it is no wonder that many Israeli entrepreneurs are active in the thirst-for-innovation health sector. Still, many of them are closing down. We've prepared some tools to help you overcome the statistics


Security

Photo Credit: Tim Robberts / Getty Images Israel

4 Network Security Tips Progressive Small Businesses are Implementing

Network security isn’t a topic reserved for massive enterprises with a huge digital footprint. Even smaller businesses have to think about how they’re going to establish and monitor a network so they can be successful both now and in the future.


Entrepreneurship

Group of coworkers discussing project on digital tablet at office workstation Photo Credit: Thomas Barwick / Getty Images Israel

5 Tips for Diversify Your Portfolio as an Entrepreneur

diversification plays an important role in financial security so how can you diversify your assets for maximum ROI?


Security

Photo Credit: Colin Anderson Getty Images Israel

For Retail Startups, Security is Paramount



The Red Mail