365体育首页

Latest in Gear

Image credit: solar22 via Getty Images

OKCupid security flaws could have given hackers access to user accounts

OKCupid fixed the flaws and says no users were impacted.
Christine Fisher,
July 29, 2020
129 Shares
Share
Tweet
Share

Sponsored Links

Girl have been deception from cyber criminals. he flirts with her by means of delivers flowers.
solar22 via Getty Images

365体育首页The data contained in dating apps is both very personal and valuable to hackers, who can use it to make highly convincing cyberattacks. So it’s always disturbing to learn about dating app security flaws. In a report released today, security research firm CheckPoint Research announced that it found several security vulnerabilities in OKCupid’s website and mobile apps. The flaws could have allowed hackers to access users’ full profile details, private messages, personal addresses and more. Hackers could even send messages from their victims’ profiles.

365体育首页Taking advantage of the security flaws CheckPoint Research discovered, a hacker could have posed as a user and sent a malicious link to victims or public forums. If users clicked on the link, the malicious code would give the hackers access to and control of their victims’ accounts.

CheckPoint disclosed its findings to OKCupid, and developers have fixed the flaws within 48 hours. Fortunately, OKCupid says no users were impacted by the vulnerabilities. But as CheckPoint points out, this is a reminder that, while dating apps contain sensitive and personal information, they may not be as safe as we’d like.

“Our research into OKCupid, which is one of the longest-standing and most popular applications in their sector, has led us to raise some serious questions over the security of dating apps,” CheckPoint said in a statement. “The fundamental questions being: how safe are my intimate details on the application? How easily can someone I don’t know access my most private photos, messages and details?”

OKCupid has also fought spam messages, and its peer apps have battled everything from catfishing to creeps. Bumble asks users to verify their identities with selfies. Earlier this year, a study accused Grindr, OKCupid and Tinder of sharing sensitive data. OKCupid specifically was accused of sending data on drug use, ethnicity and political views to the analytics firm Braze.

365体育首页In a statement shared by CheckPoint Research, OKCupid said:

“Check Point Research informed OkCupid developers about the vulnerabilities exposed in this research and a solution was responsibly deployed to ensure its users can safely continue using the OkCupid app. Not a single user was impacted by the potential vulnerability on OkCupid, and we were able to fix it within 48 hours. We're grateful to partners like Check Point who with OkCupid, put the safety and privacy of our users first.” 

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
129 Shares
Share
Tweet
Share

Popular on Engadget

Engadget's 2020 Back-to-School Guide

Engadget's 2020 Back-to-School Guide

View
Trump executive order seeks to ban TikTok, WeChat in 45 days

Trump executive order seeks to ban TikTok, WeChat in 45 days

View
Disney has no idea what it's doing with 'Mulan'

Disney has no idea what it's doing with 'Mulan'

View
Cadillac jumps into the EV market with its 'Lyriq' crossover

Cadillac jumps into the EV market with its 'Lyriq' crossover

View
'Apex Legends' will include crafting in season six

'Apex Legends' will include crafting in season six

View

From around the web

OKCupid security flaws could have given hackers access to user accounts | Engadget OKCupid security flaws could have given hackers access to user accounts | Engadget OKCupid security flaws could have given hackers access to user accounts | Engadget OKCupid security flaws could have given hackers access to user accounts | Engadget OKCupid security flaws could have given hackers access to user accounts | Engadget OKCupid security flaws could have given hackers access to user accounts | Engadget OKCupid security flaws could have given hackers access to user accounts | Engadget