Can you imagine something more horrifying than having intimate photos (or any other pictures, for that matter) saved on a dating profile leaked into the public sphere?
Users of the gay dating app Jack’d were shocked to learn that a flaw in the app’s cyber-security measures led to member’s private photos being leaked online, accessible to anyone with an internet browser. This is after a researcher warned the app’s owners, Online Buddies, against incidents of this nature a year earlier.
The New York Attorney General who handled the case, Laetitia James, said of the breach that the app “put users’ sensitive information and private photos at risk of exposure and the company didn’t do anything about if for a full year just so that they could continue to make a profit”.
Online Buddies was cautioned about the vulnerabilities in its system by cyber-security researcher Oliver Hough in 2018, but only implemented a fix for the issues in 2019, leaving personal photos of millions of users compromised. The pictures could be accessed by anyone on the internet, regardless of whether they had a Jack’d account, or not.
The attorney general reached a settlement with Online Buddies, and the company will now have to pay a $240,000 settlement to New York State. Online Buddies has also pledged to enact a “comprehensive security programme” to protect the app’s users in future.