Hospitality exchange service Couchsurfing experiences email list mayhem
Network intrusion; Unauthorized use of system administrator privileges
The company’s distribution system was hacked right before messages endorsing a rival “sleep with a stranger” site were sent to many of its one million members.
The email headed "Site Improvements" appeared to prompt recipients towards the rival paid service Airbnb.
CouchSurfing hosts and guests do not exchange money.
“Indications are that the attempted XSRF attack (cross-site request forgery) was not successful,” the Register reports.
Couchsurfing declined to on whether the offending emails pushed maliciouscode.
In a statement on its support site, the company "apologised for any confusion" the incident may have caused.
Couchsurfing said that "member data was not exposed.”
August 26, 2014
Link to report
location of breach
location of perpetrators
date breach occurred
August 15, 2014
date breach detected