Security expert says 42.5m dating app users’ details have been exposed online (and still are)

According to Security Discovery, if you’ve been a user of the CougarDating, Mingler, Fwbs, ChristianFinder or TS dating apps, your details may be one of the 42.5 million records discovered in the latest dating site-related breach.

According to Security Discover, if you have downloaded and used any of the following dating apps, CougarDating, Mingler, Fwbs, ChristianFinder and TS, you may be one of the 42.5 million people who’ve been subject to a data breach.

On May 25, Senior Security Researcher from Security Discovery, Jeremiah Fowler, discovered an open database on Indonesian-based ElasticSearch that listed people’s usernames, ages, locations and even IP addresses. He also stated that a sample showed targeted users were mostly based in the US, UK, Canada and Australia, and that this data was still publicly accessible.

Even though there appears to be no direct personally identifiable information (PII) leaked, founder of Have I Been Pwned, Troy Hunt, told SEXTECHGUIDE that the “IP [address] may be considered personally identifiable and usernames (particularly very unique ones), certainly can be.” He explained that the leakage of this data could result in the identification of its owner.

Fowler confirms that nearly each unique username he checked appeared on multiple dating sites, forums and other public places. This could expose user’s sexual preferences and infidelities, leaving them vulnerable to cyberattacks, such as online scamming and hacking.

Using Whois Domain tools, most of these apps were found to be registered to fake addresses and telephone numbers, with one even registered to a Metro station in China.

Hunt explains that “unfortunately, this incident just joins many others where there have been serious breaches of adult websites with potentially serious privacy ramifications.”

Furthermore, given that the UK will be collecting even more personal data with the upcoming porn-based Age Verification law on July 15, it is more important than ever to question who we are giving our data to, and and what safeguards organizations have in place.

Read More: Dev criticized for porn facial recognition algorithm says it was actually built by an ‘0ldsch00l hacker’