Dating Apps Uncover 845 GB of Explicit Photos And Chats Explored:
Today another leaked news you guys are shocked 845 of explicit content revealed and people are curious to know what’s the matter so, in this article, you get information about everything you want so lets the topic. It’s painfully common for data to be exposed online. But just because it happens so often that doesn’t make it any less dangerous. Especially when that data comes from a slew of dating apps that cater to specific groups and interests. Follow More Update On TODAYLEAKED.COM
Security researchers Noam Rotem and Ran Locar were scanning the open internet on May 24 when they stumbled upon a collection of publicly accessible Amazon Web Services “buckets.” Each contained a trove of data from a different specialized dating app, including 3somes, Cougary, Gay Daddy Bear, Xpal, BBW Dating, Casualx, SugarD, Herpes Dating, and GHunt. In all, the researchers found 845 gigabytes and close to 2.5 million records, likely representing data from hundreds of thousands of users. They are publishing their findings today with vpnMentor.
The information was particularly sensitive and included sexually explicit photos and audio recordings. The researchers also found screenshots of private chats from other platforms and receipts for payments, sent between users within the app as part of the relationships they were building. And though the exposed data included limited “personally identifying information,” like real names, birthdays, or email addresses, the researchers warn that a motivated hacker could have used the photos and other miscellaneous information available to identify many users. The data may not have been breached, but the potential was there.
Dating Apps Uncover:
The risk of doxing that exists with this kind of thing is very real—extortion, psychological abuse. As a user of one of these apps you don’t expect that others outside the app would be able to see and download the data.
As the researchers traced the exposed S3 buckets they realized that all of the apps seemed to come from the same source. Their infrastructure was fairly uniform, the websites for the apps all had the same layout, and many of the apps listed “Cheng Du New Tech Zone” as the developer on Google Play. On May 26, two days after the initial finding, the researchers contacted 3somes. The next day, they got a brief response, and all of the buckets were locked down simultaneously.
845 GB of Explicit Photos:
WIRED reached out to 3somes and Herpes Dating and attempted to reach Cheng Du New Tech Zone, but did not receive a reply.
This was not a hack; The researchers don’t know whether anyone else discovered the exposed trove before they did. That’s always the crux of the issue with data exposures: mistakenly making data accessible is at best an inconsequential mistake, but at worst can hand hackers a data breach on a silver platter. And in the case of this cadre of dating apps, in particular, the information could have a real impact on user safety if it was stolen before the developer locked it down. So many breaches contain data like email addresses and passwords, which is bad enough. But when data leaks from sites like Ashley Madison, Grindr, or Cam4, it creates the potential for doxing, extortion, and other dire online abuse. In this case, Herpes Dating could even potentially reveal someone’s health status.
“It’s so difficult to navigate. How much trust are we putting into apps to feel comfortable putting up that sensitive data—STD information, videos,” says Nina Alli, executive director of the Biohacking Village at Defcon and biomedical security researcher? “This is a detrimental way to out someone’s sexual health status. It’s not something to be ashamed of, but there’s a stigma because it’s easier to yuck at someone else’s proclivities. That is a big peril of this situation.”
AWS and other cloud providers have increasingly added mechanisms. To repeatedly warn users if their buckets are configured to be publicly accessible. But there are still countless mistakes that lead to exposures.
“This isn’t an Amazon problem,” Local says. “The organization that developed these apps messed up the configuration. And that’s dangerous to users. Some kid in college shouldn’t have to worry that someone outside the app. And will find their photos where they’re wearing their college shirt and put it all together.”