All 5 apps were exposing user data due to database misconfiguration.
The IT researchers at WizCase recently discovered data leaks and privacy breaches on 5 different dating apps in the US and East Asia.
These breaches showcased compromised user data and sensitive information such as names, billing addresses, phone numbers, profiles, and even private/direct messages.
See: 845GB of sensitive explicit data on niche dating apps users exposed online
Further information proved that the profiles leaked were in millions and that Elasticsearch servers, MongoDB databases, and AWS buckets were these databases were hosted got exposed to public access with no password protection or security authentication.
Applications and sites involved in the data breach
1- CatholicSingles
According to WizCase’s blog post, in the US, CatholicSingles leaked sensitive user information including their names, email addresses, phone numbers, age, occupation, education, and billing address. Data ensuing users’ physical characteristics like hair, eye color, and internet activity have also been breached.
What is more alarming is that users’ payment methods were easily accessible as well, putting them at risk. This dating site was exclusively made for singles looking to find faith-based partners.
2- YESTIKI
Another dating application based in the United States, YESTIKI.com, appear ..
Support the originator by clicking the read the rest link below.