2 min read

Data Breach: Bundle of Dating Apps Leaking Sensitive Information Discovered

Alina BÎZGĂ

June 17, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Data Breach: Bundle of Dating Apps Leaking Sensitive Information Discovered

Three misconfigured Amazon Web Services (AWS) S3 buckets leaking highly sensitive information from multiple dating apps and websites were discovered by vpnMentor researchers on May 25.

According to a report published June 16, the S3 buckets contained 845 gigabytes of data, with over 20 million files containing sensitive information from user accounts, including:

• Images and photos
• User names, personal details and financial data
• Voice messages and audio recordings
• Private chats between users
• Evidence of financial transactions

The bundle includes a variety of niche dating platforms such as 3somes, CougarD, Xpal, SugarD, GHunt and many more. Additionally, aside from the overflow of personal and highly sensitive user information, the misconfigured databases also exposed apps infrastructure through unsecured admin credentials and passwords.

“For ethical reasons, we never view or download every file stored on a breached database or AWS bucket. As a result, it”s difficult to calculate how many people were exposed in this data breach, but we estimate it was at least 100,000s – if not millions,” researchers said. “As ethical hackers, we”re obliged to inform a company when we discover flaws in their online security. We reached out to the developers, not only to let them know about the vulnerability but also to suggest ways in which they could make their system secure.”

The data leak could have devastating effects for users. Malicious actors can leverage the treasure trove of sensitive info for various forms of extortion and bullying, which could potentially turn into another AshleyMadison disaster. More than 30 million users were exposed following the 2015 data breach on the pro-adultery website, and blackmail scams were still resurfacing nearly 5 years after bad actors posted a data dump containing sensitive data on users.

You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.

In the hands of seasoned cyber-criminals, the data can be used for more than just catfishing scams. Using the variety of information as a bargaining chip, blackmailers can start a profitable business. Nobody wants their secrets exposed on social media or to family and friends.

“With so many users from each app exposed in the data breach, criminals would only need to convince a small number of people to pay them for a blackmail and extortion scheme to be successful,” researchers warned. “In doing so, they could destroy many people”s relationships and personal and professional lives.”

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Data Breach: 1.3 Million Broward Health Patients and Staff at Risk of Medical Identity Theft Data Breach: 1.3 Million Broward Health Patients and Staff at Risk of Medical Identity Theft
Alina BÎZGĂ

January 04, 2022

2 min read
Data Breach at Pro Wrestling Tees Affects 31,000 Customers Data Breach at Pro Wrestling Tees Affects 31,000 Customers
Alina BÎZGĂ

December 29, 2021

1 min read
Hackers steal credit cards from 1.8 million sports gear site customers Hackers steal credit cards from 1.8 million sports gear site customers
Radu CRAHMALIUC

December 21, 2021

1 min read