Security Flaws Identified For Dating App Grindr

Anthony Carranza

Popular gay dating app Grindr was reported to have two major security flaws for its platform. According to an NBC News report published Wednesday, the security issues can expose private information of its 3 million users.

The security vulnerability can make available to others the exact location of people who opted out of sharing such sensitive information, per cybersecurity experts.

The security flaw was discovered by Atlas Lane CEO Trever Faden. The company is a startup and specializes in property management. He identified the issue after creating a website called C**kblocked.

"His website allowed users to see who blocked them on Grindr after they entered their Grindr username and password. Once they did so, Faden was able to gain access to a trove of user data that is not publicly available on user profiles, including unread messages, email addresses, deleted photos, and the location data of users..."

Grindr has built into its service the functionality of allowing the locations of users to be public. However, they have the capability to opt-out, but given the security loop-hole, users are at risk.

Faden goes on to clarify that someone with very little technical skills can discover a user's exact location. Two independent cybersecurity researchers within the news analysis corroborated Faden's claims.

"In a statement issued to NBC News, Grindr said it was aware of the vulnerabilities that Faden had found and had changed its system to prevent access to data regarding blocked accounts. The company did not change access to any of the other data or how its app sends location data openly over the internet. After Grindr changed its policy on access to data on which users had blocked other users, Faden shut down his website."