The following was sent to DataBreaches.net this morning by someone claiming to have received it. Roomsurf did not respond to multiple emailed inquiries throughout the day and evening asking them to confirm or deny whether this was sent by them to members. Roomsurf.com’s site, which currently has no notice about any breach, claims that they have 1,160,508 members.
From: Roomsurf <contact@roomsurf.com>
Subject: Important Message from Roomsurf to our Members
Date: February 15, 2018 at 3:01:57 PM CST
To: <xxxxxxx@gmail.com>
Reply-To: Roomsurf <contact@roomsurf.com>Dear Roomsurf Members,
Student safety has always been our top priority at Roomsurf. I wanted to notify you that we recently experienced a data breach into certain user contact information that included names, phone numbers, and email addresses.
Because your safety is our top priority, Roomsurf does not store your credit card information, so none of your financial related information has been taken or compromised.
Our top priority is taking care of you and helping you feel confident about using Roomsurf and it is our responsibility to protect your information when you use our Website.
Please know we moved as swiftly as we could to address the problem once it became known and specifically, we have:
1. Closed the access point that the outside users used
2. Moved the Roomsurf Website code and databases onto brand new servers with new security safeguardsWe appreciate your understanding with this matter and apologize for any inconvenience this may have caused.
Sincerely,
Dan Thibodeau
CEO