Hole in gay dating app Jack’d left personal pics exposed

Updated October 13, 2022

Published February 8, 2019

We may earn a commission via links on our site.

Our editorial policy and independence is vitally important to us. It has been crafted drawing upon more than 15 years of publishing experience – we wouldn’t jeopardise this reputation for a free product or travel of any kind.

At SEXTECHGUIDE, transparency, honesty, and integrity are the core of our values. We are committed to providing high-quality, unbiased content to our readers. Below are our detailed guidelines on how we maintain our editorial independence and ethical standards. We do not accept sponsored content or link insertion requests.

A serious security flaw has been discovered in gay dating app Jack’d which made thousands of private photos publicly available.

Researcher Oliver Hough found the flaw which, as he told BBC News, meant that anyone with the wherewithal could look at intimate photos users thought they had posted privately on the app.

The location-based dating and hook-up app aimed at gay, bi-sexual and bi-curious men, gives users the option to post personal photos and choose precisely who they share these with, but the app’s vulnerability means that these images could potentially be seen by anyone with an internet connection.

Hough claims that despite reporting the issue to the Jack’d developer team last year, it still hasn’t been addressed.

“They acknowledged my report but then just went silent and did nothing,” Hough told BBC News. “A journalist contacted them in November and they did the same.”

Jack’d, which is available on both iOS and Android platforms, currently has over five million users in 180 countries. It was set up in 2011 by alumni from Cornell University, New York State, with the mission (as stated on its website) to help “guys look for other guys to find friendship, dates, long-term relationships and one-time intimate encounters.”

A security issue like this could well have very serious ramifications for its users, especially for those living in countries with high incidences of gay hate crime who could effectively be outed by the app.

Ironically there is a point on the site’s FAQ which gives users advice on what to do if their photos are stolen via the app.

The app’s CEO Mark Girolamo told Ars Technica that the issue would be fixed this week, and the publication has confirmed that leaks taking place via this vulnerability were now no longer possible.

SEXTECHGUIDE asked Jack’d for comment but did not receive a response ahead of publication. We’ll update here if and when the company responds.

While it’s not a good look for Jack’d, the company isn’t alone in suffering from privacy issues in the dating space – Grindr and other gay dating apps were found to be leaking user data way back in 2016, and the fallout from the Ashley Madison hack is well-known at this point.

Article by

Rob Tylershevsky

Rob T is a freelance journalist based in Sussex, UK, with a strong interest in the intersecting fields of technology, human sexuality, relationships, behaviour and psychology.

Get in touch