Last updated 1 month ago
In February 2026, Plantake's couples and relationship application Lovora experienced a data breach exposing 495,556 unique user records. The breach compromised email addresses, display names, profile photos, and additional personal information collected through app usage. Plantake did not respond to multiple contact attempts regarding the incident.
The breach involved unauthorized access to Lovora's systems, resulting in the exfiltration of user profile data including email addresses, display names, and profile photographs. The specific technical exploitation method remains unconfirmed as the company has not provided details about the intrusion vector or affected infrastructure components.
As of March 2026, Plantake has not issued any public statement about the breach, confirmed containment measures, or provided notification to affected users. No regulatory actions, litigation, or ransom payments have been reported in connection with this incident.
The Lovora breach demonstrates the risks of insufficient incident response protocols when companies fail to acknowledge security incidents or communicate with external parties. The exposure of profile photos alongside email addresses and personal information creates enhanced privacy risks beyond basic credential exposure, particularly for relationship applications where user anonymity may be expected. The company's non-responsiveness suggests potential gaps in crisis communication planning and stakeholder management processes.
Sign in to join the discussion.
Company
Industry
Disclosed
Records Affected
Attack Vector
Industry
Attack Vector