Images of dating platforms used by hundreds of thousands of people were kept unprotected. There were also nude pictures.
Up to 1.5 million images were kept without protection. Services have up to 900,000 users. M-Production
Aras Nazarovas found images of users of dating app users on an unprotected server. There are as many as 1.5 million shots, and some of the material is sensitive, including nudity.
A picture disaster concerns the subject with news BBC According to services called Chica, BDSM People, Pink, Bish and Translove. They are used by up to 900,000 people.
Anyone would have been able to look at the users’ pictures with a link. No password was needed.
Nazarovas, who calls himself an ethical hacker, announced his observation to Mad Mobile, who was behind all five platforms in January, who did not react in any way until the BBC contacted the company last week. After contacting it quickly fixed the problem, but otherwise did not comment on the incident to the BBC.
Ethical hackers reveal and report security problems before less ethical hackers find the same shortcomings.
Their aim is to make services and platforms more secure, and often they are also hired to find openings in the company’s own systems.
Justified fear
It is possible that the outside party may have access to the images before the security problem is revealed. If they have been taken over by criminals or those who want to do so, the images can be used, for example, to tighten the victims.
If the images reveal users who live in countries where sexual minorities are the subject of persecution, the consequences may be more serious.
According to the BBC, the case is reminiscent of Ashley Madison, which was revealed in 2015, where large numbers of dating site were in the hands of hackers.