Grindr is the victim of two security breaches that compromise the location data of its users. This concerns people who have used the third-party C * ockblocked app, which lets users find out who has blocked them by linking the app to their Grindr profile. The issue of personal data protection is important in general, but undoubtedly even more so for Grindr in particular: homosexuality is still punished today in some countries.
Two security flaws have been discovered in the gay dating app Grindr, reports NBC News. The location data users were notably exposed. The alert was initiated by Terver Faden, the creator of the third-party C * ockblocked app, which lets registrants know who they've been blocked by by linking the app to their Grindr account.
Grindr: location data compromised
Faden explains that his app was able to recover from lots of private information on Grindr users: their location, but also email addresses, unread messages or deleted photos. He also points to a second flaw: some data including location data are not encrypted. Anyone snooping around in traffic can then spot and grab them.
Grindr has reacted and has already fixed the first loophole. The dating app specifies that users should be very careful about sharing their information with third-party services, and that they should avoid connecting to other platforms through their Grindr account. However, it ensures that the data transmitted between the user's smartphone and their servers is correctly encrypted.
The protection of personal data, for example on Facebook, is an issue that affects us all, but it can be even more serious in the case of Grindr. Indeed, there are still many countries in the world in which being homosexual is considered a crime. Hence the importance of protecting location data as much as possible. User safety is at stake.
