'Plenty of Fish' Breach Involves Blackmail, Mafia?

Jane McEntegart

There’s a lot of drama in the world of online dating.


Popular dating Website Plentyoffish has supposedly been hacked and founder Markus Frind says the hacker is out to get him. Plentyoffish notified users of the breach, but did not elaborate as to why the site was targeted in the first place. One Tom’s reader received the following email from the Website:

"As a security precaution we have reset everyones password on plentyoffish. If you used your plentyoffish password elsewhere we suggest you reset it. Even if you didn't, resetting all your passwords every 6 months is a good idea. We did this after a hacker came to us telling us he had access to our data. For further assistance with changing your password please see our help page:


However, things behind the scenes have gotten very messy indeed. A man named Chris Russo has told news websites that he and his team found a vulnerability in Plentyoffish.com and that he tried to inform Markus Frind and the Plentyoffish team that the personal details of 28 million users was at risk. Though Rind was supposedly responsive at first, Russo says he got progressively more aggressive and eventually demanded that Russo speak instead with two Plentyoffish employees called Kate and Jay, because a serial killer was killing off users (we’re not making this up).

Russo says he arranged to send the information about the vulnerabilities, along with his team’s CVs by January 31. However, an email from Markus Rind sent on January 30 shows that the founder now believes Russo and his team tried to hack the database.


If this data goes public I am going to email every single effected
user on Plentyoffish your phone number, email address and picture.
And tell them you hacked into their accounts.

Then i'm going to sue you In Canada, US and UK and argintina. I am
going to completely destroy your life, no one is ever going to hire
you for anything again, this isn't piratebay and we definately aren't
fooling around.

Markus



Russo says that three phone calls followed that email, and that the police are trying to recover them. In them, Frind supposedly implied that sites like his have connections to the mafia and other criminal organizations.

Meanwhile, Frind tells a different story. He says Plentyoffish has been hacked and that he has been blackmailed. In a post published on the Plentyoffish blog, Frind says Russo blamed the hacking on Russian criminals.

“[...] My wife gets a call from Chris Russo that plentyoffish has been hacked into and that Russians have taken over his computer and are trying to kill him, and his life is in extreme danger and they are currently downloading plentyoffish’s database. Chris is trying to create a sense of panic. I listened in the background and I closed the breach if indeed there was one while my wife was on the phone and then I immediately ordered an investigation. Over the next 24 hours we got a lot of voice mails from Chris Russo frantically wanting to talk to us.”


Frind goes on to say that his wife then got a call from a reporter who said he'd talked to Russo, and that Russo had told him there was a breach at Plentyoffish. The reporter, Brian Krebs, said he'd talked to Russo once before and described him as a "harmless 23-year old kid” from Argentina. Frind then spoke to Russo who again said the Russians had complete control of his computer and were set to steal $30 million from a ‘string of dating sites’ including eHarmony. When they hung up, Frind phoned eHarmony who confirmed that they’d heard from Russo and that he’d tried to extort money from them too.

The next time Frind spoke to Russo, he says his tone had changed. He was no longer frantic, or worried about being killed off by the Russian mob. Instead, Russo said he had himself a business partner named Luca and the two were asking to be hired by Plentyoffish to do a complete work over of the site’s database and computer systems to make sure such a breach never happened again. Alluding to his email in which he threatened to ruin Russo’s life, Frind mentions that he also emailed the 23-year-old man’s mother.

“Next, I just get pissed off and start explaining how i’m going to sue them out of existence if the data comes out. They are trying to extort us, but they are making stuff up as they go along because they have absolutely no idea what they are doing. At this point I did the only logical thing; I emailed his mother.”


Russo has yet to confirm if Frind really did contact his mother, but we hope they get to the bottom of this sticky situation soon. As intriguing as it is to read about, there are nearly 30 million Plentyoffish users. Russo claims names, emails, passwords and PayPal accounts were involved in the breach but it’s unclear as to what's actually true at this point