It's one Elasticsearch server, who exhibited personal information, images, location data, phone numbers, and more. The data presented is approximately 72.000 users.
The software company behind it application, has its headquarters in Istanbul. He was informed of the leak incident a week ago but did not respond. The server was restored today after updating Turkey's Computer Emergency Response Team (CERT).
The server exposed a lot of sensitive data. Unfortunately, the server contained all user information as well as some personal messages.
The information that was leaked is: names, phone numbers, addresses e-mail, birth dates, gender, height, photos, Facebook and Instagram IDs (for users who were logged in from their profile), location data, dating preferences, profiles that users have liked or disliked, profiles which users have blocked, application registration and usage dates, and data relative to the device.
This information is very important and can be put to you risk application users.
Anyone can do a simple search on the internet, and using this information, find out the real identities of their users, their LinkedIn profile, their accounts on social media. Posts that have been made by various users can also be found Forums.
In addition, this data could be used for blackmail users in relation to their personal and erotic lives (since dating).
It is not known at this time if the exposed server was accessed and the data was used for malicious purposes.
Many others services dating has been found with the same problem (with exposed server). Some of them are: Ashley Madison, Jack'd, Grindr, Romeo, Recon, 3Fun, HaveAFling, HaveAnAffair, HookUpDating and Luscious.
How useful was this post?
Average rating / 5. Vote count:
No votes so far! Be the first to rate this post.