Researchers find serious flaws in OKCupid security

Filed in
0
Chris M
Updated October 13, 2022
We may earn a commission via links on our site.
Why support us?

OkCupid has become the latest dating app to fall prey to the sloppy-security police, with several bugs discovered that could have led to a leak in users’ personal information.

A team from cybersecurity specialist Checkpoint Research discovered problems with both the website and app, which, if exploited could have given criminals access to unredacted profiles and even private messages, with full sending privileges.

Any hacker who wanted to could send a phishing email to a user containing a link which includes malicious code, giving the sender access to the account.

The stalwart site has remained stubbornly free to use throughout its life, and with a ‘light touch’ in terms of moderation, meaning it has been a prime target for everything from Catfishing users to fake mirror sites.

OkCupid repaired the problems within 48 hours of being informed by Checkpoint Research. In a statement released by Checkpoint (which is a slightly unusual way of handling it), OkCupid said:

“Check Point Research informed OkCupid developers about the vulnerabilities exposed in this research and a solution was responsibly deployed to ensure its users can safely continue using the OkCupid app. Not a single user was impacted by the potential vulnerability on OkCupid, and we were able to fix it within 48 hours. We’re grateful to partners like Check Point who with OkCupid, put the safety and privacy of our users first.”

OkCupid has oft been questioned over the way it monetises data, with accusations that it sells users’ personal data to analytics firms. Now, as it emerges that the coding has flaws too, raising the question – how safe are dating apps?

“Our research into OkCupid, which is one of the longest-standing and most popular applications in their sector, has led us to raise some serious questions over the security of dating apps,” Checkpoint says.

“The fundamental questions being: how safe are my intimate details on the application? How easily can someone I don’t know access my most private photos, messages and details?”

The sad fact is that we all need to ask this question when really and truly, it should never come up. This isn’t the first piece of sloppy coding by a dating app and it certainly won’t be the last.

We’ve asked OKCupid for comment, but hadn’t heard back at the time of publication.

Read Next: How did online dating turn into such a hot mess?

Article by
Chris has worked in technology journalism for over a decade, and brings his nerdy expertise to looking at what goes on under the hood of sex tech.With over a decade of expertise in his field, Chris brings a nerdy perspective to his exploration of the fascinating world behind the scenes. His articles have graced the pages of renowned publications such as Engadget, TechRadar, AskMen, and The Register.
Get in touch
Chris M Avatar
Related articles
  • Digital Intimacy Coalition

    Sex-positive industry coalition calls out ‘critical gap’ in EU AI regulation

    Jamie F/
    October 7, 2024
  • Quest3S

    Meta Quest 3S launch brings end of other Quest 3 models

    Jamie F/
    October 6, 2024
  • womanizer vibe silent

    Womanizer launches Vibe, its first ‘silent’ lay-on vibrator

    Jamie F/
    October 4, 2024
  • California AI performer bill

    California AI replica bill shields adult performers from exploitation

    Jamie F/
    October 3, 2024
  • dating appdates sep 2024

    Dating appdates (September 2024): Anti-f***boy app, sober dating, Bumble AI, and more

    Jamie F/
    October 2, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *