I’m heading out to the Privacy Law Scholar’s Conference for a few days, and giving myself a break from news gathering and posting until I get back. On Sunday, I should resume posting and updating the blog.
Cheers!
From their press release:
The company behind Sparks, the app that is designed to help you connect with and meet new people nearby with whom you have shared interests, and which was first presented at SXSW in 2012, has given details of an attempted Denial of Service attack allegedly undertaken by an employee of their sub-contractors, an outsourcing development company based in Ho Chi Minh City, Vietnam.
Stephen Smith, Founder of Paragon Proximates Ltd, states: “Sparks was developed under contract with our own parent company, Digital Proximates Limited. We terminated our relationship with the sub-contractors at the beginning of January after it became apparent that the software the sub-contractors had delivered was not what was specified and, in the event, totally unfit for purpose. It was following this termination that the app was attacked.
“We have proof that the alleged attack was initiated by one of the employees of the Vietnamese developing company, one of the app developers who not only had knowledge of how to attack, but who also had previous knowledge of, and access to, our IT assets. The target of the attack was a known weakness in the system, one we had repeatedly asked the sub-contractors to rectify.
“This particular weakness had in fact been identified by ourselves and after the sub-contractor’s repeated refusal to rectify it, we took remedial action on January 3rd 2013. But until it was addressed it was the cause of numerous outages. At the onset of the attack over 1,000 requests per minute originated from a PC in Vietnam, with one single user account. As a mobile application with our entire user base connecting via their mobile devices – this was the only connection from a PC. The activity itself lasted for several hours and data-scanning activity was logged during this period.
“Through a detailed examination of the logs the next day we were able to identify a specific employee of the Vietnamese developing company. Given the fact that we were able to trace the source of the alleged attack back to the sub-contracted development company, we informed the company’s management in Ho Chi Minh and San Francisco, which in turn acknowledged our communication and committed itself to an investigation. However, in a later communication they denied that it was anything to do with them.
“Whilst researching the alleged hacking, it became clear that the Vietnamese developing company were copying our data to their own servers – when we asked them to delete that, they instead claimed IP over the content.”
Paragon Proximates Limited, the company behind Sparks, has reported the alleged attack and the data theft to the Information Commissioner in the UK and, with the kind assistance of the British Embassy in Hanoi and the HM British Consul in Ho Chi Minh City, to the Ministry of Information and Communication in Vietnam, and is working with law enforcement agencies in the appropriate legal territories.
The sub-contracted development company in Vietnam was established in 2008 by a team of US and European executives and claims to be a specialist in new product development with offices in Ho Chi Minh City and San Francisco.
Source: Sparks
Juan Carlos Perez reports:
Google has launched a site for webmasters whose sites have been hacked, something that the company says happens thousands of times every day.
The new site features articles and videos designed to help webmasters identify, diagnose and recover from hacks.
Read more on Computerworld.
European governments and businesses should investigate alternative communication channels to e-mail in the longer term after a string of alarming attacks, the EU’s cyber security agency warned today (13 March) in a special alert.
The European Network and Information Security Agency (ENISA) issued the so-called Flash Note in the wake of “recent major cyber-attacks”, calling for Europe’s businesses and governments to take urgent action to combat emerging cyber-attack trends.
Read more on EurActiv
Gonzalo Vina reports:
Prime Minister David Cameron will today agree on a plan with his Indian counterpart, Manmohan Singh, to step up the fight against cyber-crime as he seeks better protection for U.K. data held on Indian computer servers.
Cameron will discuss practical steps with Singh on the second day of a three-day visit to the South Asian nation, seeking to protect data against attacks from criminal gangs, terrorists and hostile states. Cameron is keen to share knowledge with Indian authorities over the next year to bolster cyber defenses.
Read more on Bloomberg News. I hope they also deal with insider breaches, as there have been a number of those over the years.

I wish a Healthy and Happy New Year to all those who have read or contributed to DataBreaches.net in 2012. Each day, I never knew what my e-mail or tweet stream would bring, but readers provided thoughtful comments, tips, and great suggestions.
Now let’s just hope that 2013 brings us better data security by those who have custody of our information!