A new wave of cyberattacks has recently struck several prominent U.S. companies, including Bumble Inc., Panera Bread Co., Match Group Inc., and CrunchBase. Bumble Inc., the parent company of dating apps Bumble, Badoo, and BFF, reported that one of its contractor accounts was compromised in a phishing incident.
Similarly, it has been reported that Bumble confirmed a similar intrusion, stating that the breach allowed the hacker “brief unauthorized access to a small portion of our network.” However, the company noted that member databases, Bumble accounts, direct messages, profiles, and the Bumble application itself were not accessed. Bumble has engaged law enforcement to investigate the incident.
Bumble, Panera Bread, Match Group, and CrunchBase Reports Cyberattacks
Panera Bread also reported a cybersecurity incident affecting one of its software applications used to store data. A company spokesperson confirmed that law enforcement had been notified and that steps were taken to secure the system. The affected data primarily included contact information, although Panera did not provide additional specifics about the scope of the breach.
Similarly, Match Group reported on Wednesday that it had experienced a cybersecurity incident impacting a “limited amount of user data.” According to Bloomberg, a spokesperson for Match reassured users that there was no evidence of compromised login credentials, financial information, or private communications. The match’s system was breached on January 16, although the exact timing of the other incidents affecting Bumble, Panera Bread, and CrunchBase remains unclear.
CrunchBase, the business information platform, confirmed that documents on its corporate network were affected by cyberattacks but stated that the company had successfully contained the incident. No details were provided about whether any sensitive user or company data was accessed.
Limited Data Exposure but Extortion Demands Reported
A hacking group known as ShinyHunters has claimed responsibility for the attacks on Bumble, Panera Bread, Match, and CrunchBase. While these claims could not be independently verified at this time, their posts noted that they are using innovative vishing techniques. Voice phishing aimed at tricking employees into revealing credentials for single sign-on systems.
Additionally, it has been reported that hackers associated with the ShinyHunters group have reached out to some of the victims requesting payment. Despite these reports, none of the affected companies, including Bumble, Panera Bread, Match, or CrunchBase, have publicly commented on the extortion claims.
Experts Warn of Rising Social Engineering Threats
The recent incidents underline the growing threat of cyberattacks targeting U.S. businesses, particularly those handling large volumes of user data and corporate information. In most of these attacks, social engineering campaigns target unsuspecting victims, combining phishing, vishing, and exploitation of cloud-based systems to gain access.
The Cyber Express has reached out to Bumble, Panera Bread, CrunchBase, and Match Group for further comments. As of now, no additional information or updates on the extortion demands have been provided. Cybersecurity analysts and industry observers are closely monitoring the situation, noting that this series of attacks could signal a broader trend in high-profile cyber threats affecting both technology and consumer-facing companies.
This story is ongoing, and The Cyber Express will continue to provide updates as more details emerge about the scope of the cyberattacks and any responses from the affected organizations.