Fleek leak: Stop putting the most stupid stuff you do online. Seriously.

Filed in
1
Ben
Updated January 19, 2021
We may earn a commission via links on our site.
Why support us?

There should be few people left in the world who believe that information uploaded to a website, forum, dating service or any other app will remain private. And yet people continue to upload every waking second of their lives to one network or another.

In the past, we’ve seen instances of dating sites being hacked, data leaking out by accident, way too many unsecured Amazon S3 buckets, chastity cages that can be locked by hackers, and then, of course, there was the massive Ashley Madison hack a few years ago.

In the most recent instance of ‘oh god, do I have an account there?‘, security researchers at vpnMentor have disclosed a now-patched vulnerability in the now-defunct x-rated social media app Fleek.

Launched in 2015 as a debauched rival to Snapchat, Fleek had no rules, and no moderation of content. Combine this with a target audience of college students, and you end up with photo sharing app that has all kinds of images, no matter how explicit or illegal the actions of the users may be. It closed in 2019, but user data wasn’t deleted.

You can probably see where this is going.

Fast-forward to 2021, and vpnMentor says that those images were all left in an unsecured S3 bucket, available for anyone to access. The gaping hole was discovered in October 2020, and fixed one week after being informed about the issue, despite the app having gone offline in 2019.

leaked images fleek
Some of the user images uploaded to Fleek, discovered by vpnMentor in an unsecured data store.

“During our investigation, we reviewed many images of users engaging in embarrassing and illegal activities and sharing sexually explicit photos of themselves. Many of these were shared in folders given offensive and derogatory names like ‘asianAss’ by the app’s developers,” vpnMentor says.

As an additional unfortunate outcome for the developers of the app, while uncovering the user images, vpnMentor also discovered that the company appeared to be using fake user accounts to entice users (men) into paying for a private chat room with other users.

“The S3 bucket contained both the fake accounts’ images and examples of automated text message scripts sent by the bot accounts,” vpnMentor adds.

While it’s undoubtedly the responsibility of the company providing the service to secure user data, and putting aside potential legal ramifications for Fleek’s owners aside, what can be learnt from this latest security vulnerability by users of dating and social apps?

Stop uploading and sharing all the things that are going to make you embarrassed, at best, or ruin your future in some way, at worst. Start from the presumption that every network you use will eventually be compromised, and you’ll probably be on the right track.

Read Next: Ultimate Browsing Privacy Guide

Article by
Ben Woods is a passionate journalist, editor, and media adviser who not only brought SEXTECHGUIDE to life but keeps it running smoothly on a day-to-day basis.Before embarking on this exciting journey, Ben’s work reached millions of people through reputable publications such as WIRED, TrustedReviews, The Inquirer, V3, CNET, ZDNet, and The Next Web, among many more.Ben dives deep into the realms of tech, sex, and the future on SEXTECHGUIDE, inviting readers to explore the intriguing intersection of these domains.
Get in touch
Ben Avatar
Related articles
  • Digital Intimacy Coalition

    Sex-positive industry coalition calls out ‘critical gap’ in EU AI regulation

    Jamie F/
    October 7, 2024
  • Quest3S

    Meta Quest 3S launch brings end of other Quest 3 models

    Jamie F/
    October 6, 2024
  • womanizer vibe silent

    Womanizer launches Vibe, its first ‘silent’ lay-on vibrator

    Jamie F/
    October 4, 2024
  • California AI performer bill

    California AI replica bill shields adult performers from exploitation

    Jamie F/
    October 3, 2024
  • dating appdates sep 2024

    Dating appdates (September 2024): Anti-f***boy app, sober dating, Bumble AI, and more

    Jamie F/
    October 2, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *