Multiple Online Dating Sites Put Love At Risk
April 03, 2019
Sometimes it feels that the only way you can meet people is online. Often that means that if you want to date, you get accounts on dating sites. And sometimes you meet someone you like and perhaps you exchange photos. If you did that on the dating app Jack’d, you may be accidently letting some dude named Jack get access to your photos, whether you want him to have them or not. To add insult to injury, the popular dating site, Coffee Meets Bagel, also announced a data breach of about 6.2 million members who entered information into the website prior to May of 2018. And there’s more. OKCupid announced recently that a critical flaw in the app may allow the theft of credentials that can lead a man-in-the-middle attack or allow the criminal to completely take over a victim’s app.
A researcher found a security vulnerability with the dating (sometimes called hookup) app called Jack’d. It was reported to the developer of the app, but has not yet been fixed. It essentially gives, anyone wanting to see them, access to all the photos without authenticating to the app. All one needs is a web browser and all photos, private or otherwise, can be accessed.
For the time being, if you do use this app, consider just deleting your photos for now and be cautious of what you chat about or post to the app. This goes with any online site, be it dating or even messenger services. Remember that even if the site has all the indicators that it’s secure, it doesn’t mean it is 100% safe to put whatever you want on it. You should consider anything you post to the Internet there forever and available to anyone, regardless of the security settings.
The Coffee Meets Bagel user data showed up on the Dark Web earlier a few days before Valentines, which meant those users got their notification of the breach as a nice treat, ironically on Valentine’s Day.
Make sure your apps are kept updated at all times, you change your passwords regularly and use strong ones. In addition, by all means, use dating apps and social media if you desire. Just use caution about what you put up there. You never know who may see it in the future. Once someone shares or even comments on something you post, you lose control over it. Once you send a picture to a potential date, it’s gone for good and you never know what will be done with it after that. That’s important to note, especially, for example if you are looking for a job in the future. You don’t want those things to come back and haunt you.
Vulnerabilities in dating and hookup apps, as well as online dating sites is not a new phenomenon. Adult Friend Finder has been hit a couple of times and famously, the “cheating” app Ashley Madison was breached with the attackers threatening to out those who had profiles if the owners didn’t remove the site completely. The group responsible for the hack followed through.