Another cyber security firm, called Include Security, revealed on its blog this week that hackers had been able to potentially access the location of Tinder users—prior to more recent fixes.
The Tinder app allows people to find singles who live close to them.
EHarmony, one of the most famous (and perhaps oldest) of the dating sites, scored just 504, and Plenty Of Fish, whose mobile application allows for use anytime, scored just 361.
Even better known sites like could stand for some improvement — it scored a 741, with Up Guard noting that the site lacks “HSTS, secure cookies, and DNSSEC.” So if you’re looking for love online, have at it — but be careful where you’re fishing.
Regardless of the scheme, eligible bachelors and bachelorettes – or those who are just looking to have a good time – have a new cyber threat vector to watch out for: Online dating sites and "hookup" apps.
One of the most memorable data breaches of 2015 was executed against Ashley Madison, an online network for adults who are seeking an extramarital affair.
It's been said that hackers will exploit any possible entry point for gain, and this includes the heart.
Some of this text included “hard-coded key values, website addresses, and other critical information that could allow hackers access to sensitive data.” But it’s not just apps that are problematic.
The dating app has been gaining buzz for its purported widespread use by athletes at the Olympic games in Sochi.
(: Tinder popular at the Olympics) Tinder and cyber security officials had been working on shoring up the potential vulnerability for months, but the issue only became public this week with the blog post.
Sure, signing up for Tinder isn’t quite like applying for a credit card, but it should still be noted that many of these online dating services collect quite a bit of data on its users.
And according to recent research from security provider Seworks and security tech company Up Guard, dating apps are ripe for the picking when it comes to the next big hack. But according to Min-Pyo Hong of Seworks, these services are all extremely vulnerable to attack.