Popular gay dating app Grindr was reported to have two major security flaws for its platform. According to an NBC News report published Wednesday, the security issues can expose private information of its 3 million users.
The security vulnerability can make available to others the exact location of people who opted out of sharing such sensitive information, per cybersecurity experts.
The security flaw was discovered by Atlas Lane CEO Trever Faden. The company is a startup and specializes in property management. He identified the issue after creating a website called C**kblocked.
"His website allowed users to see who blocked them on Grindr after they entered their Grindr username and password. Once they did so, Faden was able to gain access to a trove of user data that is not publicly available on user profiles, including unread messages, email addresses, deleted photos, and the location data of users..."
Grindr has built into its service the functionality of allowing the locations of users to be public. However, they have the capability to opt-out, but given the security loop-hole, users are at risk.
Faden goes on to clarify that someone with very little technical skills can discover a user's exact location. Two independent cybersecurity researchers within the news analysis corroborated Faden's claims.