LovePlanet 2015 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
LovePlanet Russian Dating Platform Breach (2015): 20 Million User Accounts Including Passwords Exposed
Russian online dating platform.
Verified by ObscureIQ Intelligence
65/100Breach Risk Index
25Data Value
25Market Recency
447dSince Breach
Breach Intelligence Summary
Entity: LovePlanet · Actor: GnosticPlayers · Sources: 2 references
Attack: Unknown
Profile: Platform · Online dating and matchmaking · General dating platform · Global
Timeline: Breach (2015-01-01) · Indexed (Feb 04, 2025) · Year (2015)
Exposure: 20.1M records · 2 fields: Email Address, Password
Status: Reported
Executive Summary
LovePlanet, a Russian online dating platform serving users in Russia, Ukraine, and Belarus, suffered a data breach in approximately January 2015 when attackers exploited security flaws in LovePlanet's systems and exfiltrated a database containing personal information and credentials for approximately 20.1 million users. The breach has been attributed to the GnosticPlayers hacker group, which was responsible for a series of high-profile breaches at dating, consumer, and social platforms during the 2014 to 2019 period. The breach data was originally distributed on RaidForums, the dark-web breach-trading forum that was subsequently seized by law enforcement, before broader redistribution. DataBreach.com indexed the breach on February 3-4, 2025, approximately ten years after the original incident. The breach affected approximately 20,077,733 unique user accounts based on records indexed by breach-tracking services. Compromised fields included usernames, email addresses, and passwords stored in plaintext. The plaintext password storage represents a critical security failure that exposes the original credential values directly, with no cryptographic protection of any kind. The breach was originally posted under the description 'loveplanet.ru 20m users plaintext' on RaidForums. For affected users, the practical risk profile combines credential-reuse exposure with niche dating-platform-specific reputational risk in Russian and CIS markets. The plaintext password exposure means that any account where the user reused the LovePlanet password is fully compromised, with credential-stuffing risks expected on email, social media, financial, and other accounts where Russian and CIS users may have used the same password. The combination of email address, username, and confirmed dating-platform membership supports targeted phishing referencing the platform or related services. Inclusion in the dataset confirms a dating-platform relationship that may carry reputational consequences depending on the user's circumstances. Affected users who receive extortion attempts should not pay ransom demands because payment does not stop further extortion. Users should change all reused passwords immediately, enable two-factor authentication where available, document any extortion communications, and report extortion attempts to law enforcement. The ten-year gap between the original breach and the recent redistribution means that affected users should expect long-term exposure rather than a time-limited incident, with the dataset likely to remain in circulation indefinitely.
ObscureIQ assessment: Exposure enables harassment, stalking, romance scams, and identity linkage around intimate social behavior. Social and message history can also deepen reputational risk.
Breach Impact
The institutional impact on LovePlanet has been limited based on publicly available information, in part because the platform operates primarily in Russia and adjacent CIS markets where breach-notification and regulatory frameworks differ substantially from those in the United States and European Union. LovePlanet has not publicly acknowledged the breach. The reputational impact concentrated within the Russian and CIS dating-platform sector, although the breach has been broadly cited in international cybersecurity coverage as part of the GnosticPlayers attack series alongside other GnosticPlayers victims. The breach's redistribution and indexing in early 2025 has renewed attention to the case as part of the broader historical-breach redistribution pattern.
About LovePlanet
LovePlanet (loveplanet.ru) is a Russian online dating platform that serves users primarily in Russia, Ukraine, and Belarus, with approximately 22 million users at the time of public reporting on the breach. The platform operates a freemium model with both free account access and premium subscription tiers, and supports both heterosexual and same-sex matchmaking with search by country, city, age, gender, and physical attributes. LovePlanet has been the subject of consumer reviews questioning the legitimacy of profiles on the platform, with multiple reviewers alleging that the platform contains a substantial proportion of bot or operator-created profiles in a pattern similar to other large dating platforms. As an account-based dating platform, LovePlanet maintains user account data including identity, contact information, and login credentials.
Why They Hold Your Data
Dating platforms collect profile data, photos, messages, social activity, and subscription records tied to online matchmaking and relationship discovery.
Recent Developments
The LovePlanet breach was publicly indexed by DataBreach.com on February 3-4, 2025, approximately ten years after the original 2015 incident, as part of the broader 2024 to 2025 wave of historical dating-platform breach redistribution and indexing. The breach has been attributed by DataBreach.com and other breach-tracking publications to the GnosticPlayers hacker group, which was responsible for a series of dating-platform and consumer-platform breaches during the 2014 to 2019 period. LovePlanet itself does not appear to have publicly acknowledged the breach, and the platform reportedly continues to operate. The breach was originally distributed on RaidForums (now defunct following law enforcement seizure) before broader redistribution.
Data Points Exposed
2 verified field types
Email Address
Password Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:High
Primary downstream threats:
- Credential stuffing against reused passwords across other platforms
- Targeted phishing campaigns using exposed email addresses
Threat vectors:
- Phishing, credential stuffing & account takeover
- Credential stuffing & account takeover
Threat Actor: GnosticPlayers
GnosticPlayers
Unknown
Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.
Recommended Actions
If you believe your information may be included:
Change Reused Passwords
Update this account and anywhere you reused the password; use a manager.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the LovePlanet breach?▾
LovePlanet, a Russian online dating platform serving users in Russia, Ukraine, and Belarus, suffered a data breach in approximately January 2015 when attackers exploited security flaws in LovePlanet's systems and exfiltrated a database containing personal information and credentials for…
What data was exposed?▾
Verified fields include Email Address, Password.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation