{"id":25124,"date":"2019-02-07T16:31:25","date_gmt":"2019-02-07T16:31:25","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/29799\/Gay-Dating-App-Left-Private-Images-Data-Exposed-To-Web.html"},"modified":"2019-02-07T16:31:25","modified_gmt":"2019-02-07T16:31:25","slug":"gay-dating-app-left-private-images-data-exposed-to-web","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/","title":{"rendered":"Gay Dating App Left Private Images, Data Exposed To Web"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/02\/jackdapp-800x653.jpg\" alt=\"The Jack'd dating app allowed men to upload &quot;private&quot; photos\u2014but stored them open to public viewing, the same as the rest.\"\/><\/p>\n<div class=\"caption-text\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/02\/jackdapp.jpg\" class=\"enlarge-link\" data-height=\"1148\" data-width=\"1407\">Enlarge<\/a> <span class=\"sep\">\/<\/span> The Jack&#8217;d dating app allowed men to upload &#8220;private&#8221; photos\u2014but stored them open to public viewing, the same as the rest.<\/div>\n<aside id=\"social-left\" aria-label=\"Read the comments or share this article\">\n<h4 class=\"comment-count-before\"><a title=\"48 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2019\/02\/indecent-disclosure-gay-dating-app-left-private-exposed-to-web\/?comments=1\">reader comments<\/a><\/h4>\n<p><a title=\"48 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2019\/02\/indecent-disclosure-gay-dating-app-left-private-exposed-to-web\/?comments=1\"><span class=\"comment-count-number\">76<\/span> <span class=\"visually-hidden\">with 48 posters participating<\/span><\/a><\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/div>\n<\/aside>\n<p><strong>[Update, Feb. 7, 3:00 PM ET: Ars has confirmed with testing that the private image leak in Jack&#8217;d has been closed. A full check of the new app is still in progress.]<\/strong><\/p>\n<p>Amazon Web Services&#8217; Simple Storage Service powers countless numbers of Web and mobile applications. Unfortunately, many of the developers who build those applications do not adequately secure their S3 data stores, leaving user data exposed\u2014sometimes directly to Web browsers.\u00a0 And while that may not be a privacy concern for some sorts of applications, it&#8217;s potentially dangerous when the data in question is &#8220;private&#8221; photos shared via a dating application.<\/p>\n<p>Jack&#8217;d, a &#8220;gay dating and chat&#8221; application with more than 1 million downloads from the Google Play store, has been leaving images posted by users and marked as &#8220;private&#8221; in chat sessions open to browsing on the Internet, potentially exposing the privacy of thousands of users. Photos were uploaded to an AWS S3 bucket accessible over an unsecured Web connection, identified by a sequential number. By simply traversing the range of sequential values, it was possible to view all images uploaded by Jack&#8217;d users\u2014public or private. Additionally, location data and other metadata about users was accessible via the application&#8217;s unsecured interfaces to backend data.<\/p>\n<p>The result was that intimate, private images\u2014including pictures of genitalia and photos that revealed information about users&#8217; identity and location\u2014were exposed to public view. Because the images were retrieved by the application over an insecure Web connection, they could be intercepted by anyone monitoring network traffic, including officials in areas where homosexuality is illegal, homosexuals are persecuted, or by other malicious actors. And since location data and phone identifying data were also available, users of the application could be targeted<\/p>\n<p>There&#8217;s reason to be concerned. Jack&#8217;d developer <a href=\"https:\/\/online-buddies.com\/#s-about-us\">Online-Buddies Inc.<\/a>&#8216;s own marketing <a href=\"https:\/\/online-buddies.com\/#s-products\">claims that Jack&#8217;d has over 5 million users<\/a> worldwide on both iOS and Android and that it &#8220;consistently ranks among the top four gay social apps in both the App Store and Google Play.&#8221; The company, which launched in 2001 with the Manhunt online dating website\u2014&#8221;a category leader in the dating space for over 15 years,&#8221; the company claims\u2014markets Jack&#8217;d to advertisers as &#8220;the world&#8217;s largest, most culturally diverse gay dating app.&#8221;<\/p>\n<p>The bug is fixed in a February 7 update. But the fix comes a year after the leak was first disclosed to the company by security researcher Oliver Hough and more than three months after Ars Technica contacted the company&#8217;s CEO, Mark Girolamo, about the issue. Unfortunately, this sort of delay is hardly uncommon when it comes to security disclosures, even when the fix is relatively straightforward. And it points to an ongoing problem with the <a href=\"https:\/\/arstechnica.com\/information-technology\/2017\/02\/dozens-of-popular-ios-apps-vulnerable-to-intercept-of-tls-protected-data\/\">widespread neglect of basic security hygiene in mobile applications<\/a>.<\/p>\n<h2>Security YOLO<\/h2>\n<p><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/02\/jackd-hackd.jpg\" class=\"enlarge\" data-height=\"1448\" data-width=\"1868\" alt=\"An image uploaded by Oliver Hough and marked as private using the Jack'd app, shown in a Web browser. Note the site is HTTP accessible.\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/02\/jackd-hackd-640x496.jpg\" width=\"640\" height=\"496\" srcset=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/02\/jackd-hackd-1280x992.jpg 2x\" alt=\"An image uploaded by Oliver Hough and marked as private using the Jack'd app, shown in a Web browser. Note the site is HTTP accessible.\"\/><\/a><\/p>\n<div class=\"caption-text\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2019\/02\/jackd-hackd.jpg\" class=\"enlarge-link\" data-height=\"1448\" data-width=\"1868\">Enlarge<\/a> <span class=\"sep\">\/<\/span> An image uploaded by Oliver Hough and marked as private using the Jack&#8217;d app, shown in a Web browser. Note the site is HTTP accessible.<\/div>\n<p>Hough discovered the issues with Jack&#8217;d while looking at a collection of dating apps, running them through the Burp Suite Web security testing tool. &#8220;The app allows you to upload public and private photos, the private photos they claim are private until you &#8216;unlock&#8217; them for someone to see,&#8221; Hough said. &#8220;The problem is that all uploaded photos end up in the same S3 (storage) bucket with a sequential number as the name.&#8221;\u00a0The privacy of the image is apparently determined by a database used for the application\u2014but the image bucket remains public.<\/p>\n<p>Hough set up an account and posted images marked as private. By looking at the Web requests generated by the app, Hough noticed that the image was associated with an HTTP request to an AWS S3 bucket associated with Manhunt. He then checked the image store and found the &#8220;private&#8221; image with his Web browser. Hough also found that by changing the sequential number associated with his image, he could essentially scroll through images uploaded in the same timeframe as his own.<\/p>\n<p>Hough&#8217;s &#8220;private&#8221; image, along with other images, remained publicly accessible as of February 6, 2018.<\/p>\n<p>There was also data leaked by the application&#8217;s API. The location data used by the app&#8217;s feature to find people nearby was accessible, as was device identifying data, hashed passwords and metadata about each user&#8217;s account. While much of this data wasn&#8217;t displayed in the application, it was visible in the API responses sent to the application whenever he viewed profiles.<\/p>\n<p>After searching for a security contact at Online-Buddies, Hough contacted Girolamo last summer, explaining the issue. Girolamo offered to talk over Skype, and then communications stopped after Hough gave him his contact information. After promised follow-ups failed to materialize, Hough contacted Ars in October.<\/p>\n<p>On October 24, 2018, Ars emailed and called Girolamo. He told us he&#8217;d look into it. After five days with no word back, we notified Girolamo that we were going to publish an article about the vulnerability\u2014and he responded immediately. &#8220;Please don\u2019t I am contacting my technical team right now,&#8221; he told Ars. &#8220;The key person is in Germany so I\u2019m not sure I will hear back immediately.&#8221;<\/p>\n<p>Girolamo promised to share details about the situation by phone, but he then missed the interview call and went silent again\u2014failing to return multiple emails and calls from Ars. Finally, on February 4, Ars sent emails warning that an article would be published\u2014emails Girolamo responded to after being reached on his cell phone by Ars.<\/p>\n<p>Girolamo told Ars in the phone conversation that he had been told the issue was &#8220;not a privacy leak.&#8221; But when once again given the details, and after he read Ars&#8217; emails, he pledged to address the issue immediately. On February 4, he responded to a follow-up email and said that the fix would be deployed on February 7. &#8220;You should [k]now that we did not ignore it\u2014when I talked to engineering they said it would take 3 months and we are right on schedule,&#8221; he added.<\/p>\n<p>In the meantime, as we held the story until the issue had been resolved, The Register broke the story\u2014holding back some of the technical details.<\/p>\n<h2>Coordinated disclosure is hard<\/h2>\n<p>Dealing with the ethics and legalities of disclosure is not new territory for us. When we <a href=\"https:\/\/arstechnica.com\/information-technology\/2014\/06\/what-the-nsa-or-anyone-can-learn-about-you-from-internet-traffic\/\">performed our passive surveillance experiment on an NPR reporte<\/a>r, we had to go through over a month of disclosure with various companies after discovering weaknesses in the security of their sites and products to make sure they were being addressed. But disclosure is a lot harder with organizations that don&#8217;t have a formalized way of dealing with it\u2014and sometimes public disclosure through the media seems to be the only way to get action.\u00a0<\/p>\n<p>It&#8217;s hard to tell if Online-Buddies was in fact &#8220;on schedule&#8221; with a bug fix, given that it was over six months since the initial bug report. It appears only media attention spurred any attempt to fix the issue; it&#8217;s not clear whether Ars&#8217; communications or The Register&#8217;s publication of the leak had any impact, but the timing of the bug fix is certainly suspicious when viewed in context.<\/p>\n<p>The bigger problem is that this sort of attention can\u2019t scale up to the massive problem of bad security in mobile applications. A quick survey by Ars using Shodan, for example, showed nearly 2,000 Google data stores exposed to public access, and a quick look at one showed what appeared to be extensive amounts of proprietary information just a mouse click away. And so now we&#8217;re going through the disclosure process again, just because we ran a Web search.<\/p>\n<p>Five years ago at the Black Hat security conference, <a href=\"https:\/\/arstechnica.com\/information-technology\/2014\/08\/cias-venture-firm-security-chief-us-should-buy-zero-days-reveal-them\/\">In-Q-Tel chief information security officer Dan Geer suggested<\/a> that the US government should corner the market on zero-day bugs by paying for them and then disclosing them but added that the strategy was \u201ccontingent on vulnerabilities being sparse\u2014or at least less numerous.\u201d But vulnerabilities are not sparse, as developers keep adding them to software and systems every day because they keep using the same bad &#8220;best&#8221; practices.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/29799\/Gay-Dating-App-Left-Private-Images-Data-Exposed-To-Web.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":25125,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[5790],"class_list":["post-25124","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineprivacydata-lossflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Gay Dating App Left Private Images, Data Exposed To Web 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Gay Dating App Left Private Images, Data Exposed To Web 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-02-07T16:31:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/gay-dating-app-left-private-images-data-exposed-to-web.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"653\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Gay Dating App Left Private Images, Data Exposed To Web\",\"datePublished\":\"2019-02-07T16:31:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/\"},\"wordCount\":1400,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/gay-dating-app-left-private-images-data-exposed-to-web.jpg\",\"keywords\":[\"headline,privacy,data loss,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/\",\"name\":\"Gay Dating App Left Private Images, Data Exposed To Web 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/gay-dating-app-left-private-images-data-exposed-to-web.jpg\",\"datePublished\":\"2019-02-07T16:31:25+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/gay-dating-app-left-private-images-data-exposed-to-web.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/gay-dating-app-left-private-images-data-exposed-to-web.jpg\",\"width\":800,\"height\":653},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gay-dating-app-left-private-images-data-exposed-to-web\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,privacy,data loss,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineprivacydata-lossflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Gay Dating App Left Private Images, Data Exposed To Web\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Gay Dating App Left Private Images, Data Exposed To Web 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/","og_locale":"en_US","og_type":"article","og_title":"Gay Dating App Left Private Images, Data Exposed To Web 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-02-07T16:31:25+00:00","og_image":[{"width":800,"height":653,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/gay-dating-app-left-private-images-data-exposed-to-web.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Gay Dating App Left Private Images, Data Exposed To Web","datePublished":"2019-02-07T16:31:25+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/"},"wordCount":1400,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/gay-dating-app-left-private-images-data-exposed-to-web.jpg","keywords":["headline,privacy,data loss,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/","url":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/","name":"Gay Dating App Left Private Images, Data Exposed To Web 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/gay-dating-app-left-private-images-data-exposed-to-web.jpg","datePublished":"2019-02-07T16:31:25+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/gay-dating-app-left-private-images-data-exposed-to-web.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/02\/gay-dating-app-left-private-images-data-exposed-to-web.jpg","width":800,"height":653},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/gay-dating-app-left-private-images-data-exposed-to-web\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,privacy,data loss,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineprivacydata-lossflaw\/"},{"@type":"ListItem","position":3,"name":"Gay Dating App Left Private Images, Data Exposed To Web"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25124","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=25124"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25124\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/25125"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=25124"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=25124"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=25124"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}