While dating apps are meant to find you a hook-up or maybe a long-term relationship, they seem to be indulging in some user data leaks, as hinted by a new research report by Pen Test Partners.
As per the report, it is suggested that popular dating apps such as 3Fun, Grindr, Romeo, and Recon have been found leaking users’ data that could be both sensitive and important in nature.
What All Got Compromised?
The research report mentions that Grindr, Romeo, and Recon were found to be leaking users’ accurate location details. 3Fun, which is a threesome and dating app, was also found to be leaking location details of around 10 million users worldwide.
With the use of precise location details, a user’s way from home to work or anywhere can easily be tracked. The researchers could easily know of where a user hangs out and more just with a username.
In addition to this, previous research conducted on 3Fun suggests that the dating app shared sensitive user data such as dates of birth, sexual preferences, pictures, and chat data.
Although location data depends on the smartphone’s GPS, the apps were able to access the exact location of the users with sub-millimeter precision.
How Was The Security Flaw Discovered?
A user’s location details can be leaked with the use of triangulation that involves longitudes, latitudes, and altitude information. With the help of spoofed locations based on longitudes and latitudes, the distance to a user profile could be extracted from multiple points. Following this, triangulation and trilateration of data allow for the accurate location data of a user.
How Is The Leak Of Data Harmful For Users?
The leakage of user data, be it location-based or any other information, allows people (especially those with malicious intent) to misuse the information.
Access to a user’s location data could allow stalkers or criminals to stalk them, thus causing trouble. Furthermore, leakage of sensitive data (such as sexual preferences) of users in conservative countries might cause social and legal problems for the users.
What The Apps Had To Say?
Upon contacting the four dating apps, Romeo mentioned that it has fixed the problem by giving out the nearest location instead of the accurate location, and Recon suggested that it is working to fix the issue. While 3Fun is still working on security issues with researchers, Grindr did not reply at all.
As leakage of user data is just not acceptable, apps should take measures to ensure this doesn’t happen. We hope the aforementioned apps find a solution pretty soon.
