Search This Blog

Showing posts with label Dating App. Show all posts

Korean Dating App Leaks Private Images and Information of 1 Million Users


Korea is a country where incidents of data breach have significantly risen in number, becoming the new normal. Due to this, Data Protection has become a subject of concern in Korea. Massive-scale data leakage incidents have caused the residents great trouble as their resident registration numbers are easily accessible on the internet. For instance, while using various online platforms for shopping a person provides the required information that is not regarded safe as small business owners pay little attention to the protection of the database while on the other hand big business owners at times lack efficient data control system. 

This data breach mostly leaks the private information of the users such as explicit content or certain images that should not be out in the public domain. The data that gets easily accessed due to the misconfigured and unsecure services, includes user information such as personally identifiable information and other sensitive data like private messages or images. 

Lately, one such incident took place in Korea again where a dating app has leaked highly sensitive NSFW picture and information of the app users that are nearly 1 million in the count. This one was free of cost dating app that goes by the name “ Sweet Chat” belonging to Sweet Talk. 

The aforementioned incident is a bit of a déjà vu, as the nearly same incident was reported in November last year. Though that incident had images, videos, and audios that were extremely explicit and private for the user and that particular database contained 130,000 files in total. Articulating about the incident that transpired this year the database only had NSFW images and only half of the total images were explicit. The count of the images and messages leaked this time was 1 million. 

The era of technology accords with a wide range of approaches that can harm a user caught in such cases. The user ID’s are easily connected to the leaked images by a Reverse Image search process, which is very handy for cybercriminals who later on blackmail the users. Wrongdoers even get imprisonment for up to 40 years for such blackmailing cases in Korea.

These cases are very sensitive, as they breach the wall of privacy for the user. It’s the responsibility of the owners and the app developers to make sure that all such private information and the confidential database remains safe and private. The consequences of such cases are highly amplified for the victims as now anybody could access their personal information. 

The users need to use these dating apps with proper care and change their passwords every now and then. Users are also advised to keep an eye on the personal information stored in the app. One must always be cautious about permissions that the apps ask for its proper working on the device. And cases carrying such sensitivity must be reported to the concerned authorities as soon as possible.

Dating App Accused of Leaking Users’ Private Information from Their Profiles

Security Researcher discovered a leak within the dating app Plenty of Fish of the data that users had specially set as "private" on their profiles. The leaked information was not straight away obvious to the app users, and the information was scrambled to make it hard to peruse.

In any case, utilizing freely accessible tools intended to dissect network traffic, the researcher discovered that it was possible to uncover the data about the users as their profiles showed up on his phone.

As indicated by The App Analyst, a 'mobile expert' who expounds on his examinations of mainstream applications on his eponymous blog, POF was in every case quietly restoring the users' first names and postal ZIP codes which was the primary indication that something was truly amiss with the application.

In one case, the App Analyst even discovered enough data to identify where a specific user lived.

As of late, law enforcement also has on multiple occasions issued admonitions about the dangers a few people face on dating applications, similar to Plenty of Fish, which has approx. more than 150 million registered users, as indicated by its parent company IAC. Reports propose sex attacks involving these dating applications have ascended dramatically in the previous five years.

Furthermore, those in the LGBTQ+ community on these applications additionally face safety dangers from both people as well as the government, prompting applications like Tinder to proactively caution their LGBTQ+ users when they visit locales and states with prohibitive and harsh laws against same-sex accomplices.

Prior this year, the App Analyst found various outsider third-party tools that were permitting application developers to record the device’s screen while users engaged in with their applications resulting in a crackdown by Apple.

Even though spokespersons for 'Plenty of Fish' refused to comment regarding the matter immediately, a fix is said to have turned out recently for the data leakage bug.

FBI issues warning against dating sites

An intelligence and security service of the United States has issued a warning for its people to be wary of "confidence/romance scams," after the Bureau saw a 70% annual rise in fraud cases.

The Federal Bureau of Investigation found an exponential increase in the cases where dating sites are used to trick people into money scams, sometimes victims were asked to send money or buy expensive gift items for people met online. 

In 2018 alone more than 18,000 complaints were registered and the total monetary loss was more than $362 million.

The warning issued by the FBI warns actors, "often use online dating sites to pose as U.S. citizens located in a foreign country, U.S. military members deployed overseas, or U.S. business owners seeking assistance with lucrative investments."

Crimes like these target people from all age group, but elderly women—especially those widowed—are especially vulnerable.

The U.S. Department of Defense also issued a warning about "online predators on dating sites claiming to be deployed, active-duty soldiers."

According to the U.S. military, there are now "hundreds of claims each month from people who said they've been scammed on legitimate dating apps and social media sites—scammers have asked for money for fake service-related needs such as transportation, communications fees, processing, and medical fees—even marriage."

Gay dating app Jack’d fined $240k for exposing private photos

A gay dating app Jack'd will have to pay $240,000 to its users after they exposed private intimate photos on the internet for at least a year.

The parent company, Online Buddies, fixed the problem after one year they were informed by a cyber-security researcher Oliver Hough. 

The researcher informed the company about the flaw in February 2018, but the firm paid heed to the problem only in February 2019.

The popular dating app had uploaded the private photos to an Amazon Web Services storage bucket, which could be easily accessed by anyone. 

New York Attorney General Letitia James said the app breached the trust as well as invaded into users' privacy.

Ms. James said: "The app put users' sensitive information and private photos at risk of exposure and the company didn't do anything about it for a full year just so that they could continue to make a profit."

The firm has promised to implement a "comprehensive security program" so incidence like this are avoided and protection of its users' privacy is ensured.