Check Point security researchers have discovered that the users of OKCupid dating app that has more than 10m active users have several critical vulnerabilities which when exploited by hackers can push the consumer to privacy troubles.
Researchers say that hackers might have already accessed details like personal addresses, gender, private messages, profile details of users via these loopholes and could have stored data on their systems by now.
OkCupid users accounts are being taken by users through malicious URL links where hackers send victims messages enriched by malware and victims fall prey to such links and divulge some personal details like their partner preferences. And from then the hackers get hold of the account and send messages to other OkCupid users without the knowledge of the victim- that’s dicey, isn’t it?
OkCupid has already taken a note of the situation and is said to have fixed the flaws mentioned by Check Point researchers within 2 days.
Note 1- The American Friendship and Dating app has over 50 million users and has been downloaded more than 10 million times with around 50 thousand dating appointments made per week.
Note 2- In the February 2019 over a million users of OkCupid complained that they lost access to their account that could result from an earlier data breach or credential stuffing. However, OkCupid did not acknowledge the media speculations that reported data breach or technical glitch.
Note 3- Danish Researchers in May’16 have disclosed that there could hack a data set project related to the dating app accessing information of over 63,000 users with 2,620 variables.