A shocking data breach has exposed 1.5 million private images from users of various kink and LGBT dating apps, including BDSM People, Chica, Pink, Brish, and Translove. The breach, which was discovered by ethical hacker Aras Nazarovas from Cybernews, has raised serious concerns about user privacy and security, particularly for users in countries hostile to LGBT individuals.
According to reports, the images were stored online without password protection, making them easily accessible to hackers and potential extortionists. The breach was not limited to public profile pictures but also included private messages and even some images removed by moderators.
The company behind the affected apps, M.A.D Mobile, was first warned about the security flaw on January 20 but failed to take action until the BBC intervened via email on Friday. The company has since fixed the issue but has not explained how it happened or why it took so long to address.
This incident highlights the growing cybersecurity challenges facing online dating platforms, particularly those catering to niche communities. The exposure of private images can have devastating consequences for users, including harassment, extortion, and even physical harm.
“The fact that these images were stored online without password protection is a clear indication of negligence on the part of M.A.D Mobile,” said Aras Nazarovas, the ethical hacker who discovered the breach. “This breach is a wake-up call for online dating platforms to take user privacy and security seriously.”
The breach has sparked outrage among users and advocates, who are demanding greater accountability from M.A.D Mobile and other online dating platforms.
“This breach is a reminder that our community is constantly at risk of exploitation and harassment,” said a spokesperson for the LGBT advocacy group, GLAAD. “We demand that online dating platforms take concrete steps to protect user privacy and security, particularly for marginalized communities.”
In the wake of the breach, users are advised to take extra precautions to safeguard their privacy, including:
– Limiting the sharing of sensitive content
– Using encrypted messaging services
– Enabling two-factor authentication
– Monitoring their accounts for suspicious activity
The incident serves as a stark reminder of the importance of online security and the need for greater accountability from companies handling sensitive user data.