42.5M Dating App Records of Americans Exposed in a Database
CYBER NEWS

42.5M Dating App Records of Americans Exposed in a Database

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

A single database has exposed the records of tens of millions of users of dating apps. The database which was discovered by security researcher Jeremiah Fowler is not password-protected. Most of the affected users are Americans, as revealed by the IP addresses and geolocation details.




The Story of Another Leaky Database

On May 25th [2019] I discovered a non password protected Elastic database that was clearly associated with dating apps based on the names of the folders. The IP address is located on a US server and a majority of the users appear to be Americans based on their user IP and geolocations.

The researcher also noticed Chinese text inside the database with various commands, pointing to its probable origin. The researcher, however, hasn’t revealed the exact location of the database. The most bizarre thing about the database is that it contained data taken from multiple dating applications.

Most of these dating apps are available online with the same names as the ones in the database. The weirdest thing however is that despite the apps using the same database, they claim to be developed by separate companies or individuals that do not seem to match up with each other, Fowler noted.

The Whois registration for one of the sites uses what appears to be a fake address and phone number. Several of the other sites are registered private and the only way to contact them is through the app (once it is installed on your device).

Related:
Canva has been hit by an enormous data breach. Apparently, the usernames and email addresses of 139 million users of Canva have been exposed.
Canva Data Breach Affects 139 Million Users.

A total of approximately 42.5 million records were exposed. Dating logs made up 38.3 million records, while 3.87 million contained “geonames”.

I am not saying or implying that these applications or the developers behind them have any nefarious intent or functions, but any developer that goes to such great lengths to hide their identity or contact details raises my suspicions,” Fowler explained. Nonetheless, he remains skeptical of apps that are registered from a metro station in China or anywhere else.

It’s important to note that the database didn’t contain any financial details. The original report also highlights that “at the time of publication the database was still publicly accessible.”

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...