David Gilbert reports an update to the hack of Russian dating web site Topface. As noted previously on this blog, the data had been put up for sale. Now Gilbert reports:
Russian dating site Topface has confirmed it has paid off a hacker who revealed a flaw in its security systems, through which he stole 20 million email addresses.
[…]
It has also been revealed that the hacker has been paid by the website and will be working with Topface in an on-going capacity. The website’s CEO Dmitry Filatov told IBTimes UK:
We also were able to find and contact the hacker who published (and then deleted them) the ads with an offer to sell email database. He has confirmed the findings of our investigation and has made an agreement with Topface for no further distribution of acquired email addresses database. Due to the fact that he has not passed the data to anyone and has no intention to do so in the future, we will not accuse him, moreover, we have paid him an award for finding a vulnerability and agreed on further cooperation in the field of data security.
Read more on International Business Times.