Cyber security experts revealed that the dating app 'Plenty of Fish' has been leaking its users’ information.
The dating app made news earlier this month for allowing known sex offenders to use it.
App Analysis: Plenty of Fish; Locating users and revealing information via the API https://t.co/eta4hlbZNu pic.twitter.com/GLW0LyrTwU
— ????? ? (@_eniai) December 24, 2019
The experts revealed that the dating application allowed anyone with access to simple analytical tools available online to view users’ names and addresses, allowing hackers to access user data.
New: A security researcher found the Plenty of Fish apps were leaking data about users who had parts of their dating profile set to private. https://t.co/eIPqGwFCw9
— Zack Whittaker (@zackwhittaker) December 23, 2019
Despite the fact that the application has policies that claims to protect its users’ data, cyber security experts were able to disclose information using online available tools designed to analyze data in the network.
In response to this new report, the application’s security team said: "Initial analysis of the Plenty of Fish API showed responses contained generic logging and app data.
"Unfortunately the responses also contained user data which was potentially sensitive… This sensitive data included a user’s first name, even when they requested for it not to be shown, and the ZIP code of the users home."
This popular dating app suffered a serious data breach and you should update it now https://t.co/48K5Fs8naR#CyberSecurity #PlentyOfFish
— Tampa Joey (@TampaJoey) December 26, 2019
The app analysts admitted that these sensitive data such as the first name, area code and user address were accessible even if users requested not to disclose them, which could enable hackers to access users’ details easily.
This could expose users to a grave risk, especially since dating apps allow former criminals to create an account on their applications, by not obligating its users to reveal their criminal history before signing up.
