Researchers recently found that roughly 1.5 million photos from specialist dating applications, many of them explicit, were stored online with no password or other access control, leaving them open to anyone who found them and their owners open to blackmail. The photos came from five platforms developed by M.A.D Mobile: the fetish apps BDSM People and Chica, and the LGBT apps Pink, Brish, and Translove. Leaving such material unprotected raises serious questions about the company's handling of user privacy and data protection.
Anyone who had the link could retrieve the private photos; no login was required. The services are estimated to have between 800,000 and 900,000 users. M.A.D Mobile was first warned about the exposure on January 20 but did not act until the British Broadcasting Corporation (BBC) emailed it on Friday. The company has since fixed the problem but has not said how it happened or why the sensitive images were left unprotected. For the weeks in between, the images remained accessible to anyone who knew where to look.
Aras Nazarovas, an ethical hacker at the cybersecurity company Cybernews, located the online storage used by the apps by analyzing the code that drives the services, and he was the first to alert the company. He said he was shocked to find that the unencrypted photos could be retrieved without any password. The first app he examined was BDSM People, and the first image in its folder was a nude man in his thirties, which made him realize immediately that the folder should not have been public.
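The two steps described above, finding the storage endpoints an app talks to and then requesting them with no credentials, can be turned into a repeatable check. The following is an added example written for this page, not code from the article, Cybernews, or M.A.D Mobile. It pulls candidate object-storage URLs out of an app's extracted strings (the kind of output `strings` or a decompiler produces), probes each one anonymously, and labels the result. The string dump, hostnames and canned responses are constructed for illustration, and the list of storage host fragments is a heuristic, not a complete catalogue of providers.

```python
# Added example, not code from the article, Cybernews or M.A.D Mobile.
# Step 1: pull storage-looking URLs out of an app's extracted strings.
# Step 2: GET each one with no credentials and classify the response.
# Sample dump, hostnames and canned responses are constructed; host hints are a heuristic.
import re
from dataclasses import dataclass
from typing import Callable
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# Absolute http(s) URLs with a path, as they appear in decompiled code or `strings` output
URL_RE = re.compile(r"https?://[A-Za-z0-9.\-]+(?::\d+)?/[A-Za-z0-9._~\-/%]*")

# Hostname fragments that usually indicate an object-storage bucket or media CDN (assumption)
STORAGE_HOST_HINTS = (
    "amazonaws.com", "storage.googleapis.com", "blob.core.windows.net",
    "digitaloceanspaces.com", "r2.cloudflarestorage.com", "cdn.",
)


def extract_storage_urls(strings_dump: str) -> list[str]:
    """Return unique storage-looking URLs in order of first appearance."""
    found: list[str] = []
    for match in URL_RE.finditer(strings_dump):
        url = match.group(0)
        host = url.split("/")[2].lower()
        if any(hint in host for hint in STORAGE_HOST_HINTS) and url not in found:
            found.append(url)
    return found


@dataclass
class Probe:
    status: int        # HTTP status; 0 means no response was received at all
    content_type: str
    body: bytes


def classify(probe: Probe) -> str:
    """Label an unauthenticated GET: did the endpoint hand over data without credentials?"""
    if probe.status == 0:
        return "unreachable"
    if probe.status in (401, 403):
        return "protected"
    if probe.status == 404:
        return "missing"
    if probe.status == 200:
        if probe.content_type.lower().startswith(("image/", "video/")):
            return "exposed-object"      # one file served to anyone holding the link
        if b"<ListBucketResult" in probe.body or b"<EnumerationResults" in probe.body:
            return "exposed-listing"     # S3/Azure-style listing: the whole store is enumerable
        return "exposed"
    return f"other-{probe.status}"


def count_listed_keys(listing_body: bytes) -> int:
    """Number of object keys on an S3-style listing page (one <Key> element per object)."""
    return len(re.findall(rb"<Key>", listing_body))


def http_probe(url: str, timeout: float = 5.0) -> Probe:
    """Real fetcher: plain GET, no cookies or auth headers, body capped at 64 KiB."""
    request = Request(url, headers={"User-Agent": "storage-exposure-audit/0.1"})
    try:
        with urlopen(request, timeout=timeout) as response:
            return Probe(response.status, response.headers.get("Content-Type", ""), response.read(65536))
    except HTTPError as err:
        return Probe(err.code, err.headers.get("Content-Type", "") or "", b"")
    except URLError:
        return Probe(0, "", b"")


def audit(urls: list[str], fetch: Callable[[str], Probe] = http_probe) -> dict[str, str]:
    """Probe every URL once and map it to its classification."""
    return {url: classify(fetch(url)) for url in urls}


# --- constructed sample data so the example runs offline ---------------------
SAMPLE_STRINGS_DUMP = """\
com.example.dating.ProfilePhotoActivity
https://profile-media-example.s3.eu-central-1.amazonaws.com/photos/
https://api.example-dating.invalid/v2/auth/login
https://chat-media-example.fra1.digitaloceanspaces.com/messages/
Content-Type: application/json
"""

FAKE_RESPONSES = {
    # listing returned to an anonymous request: every object key is enumerable
    "https://profile-media-example.s3.eu-central-1.amazonaws.com/photos/": Probe(
        200, "application/xml",
        b"<ListBucketResult><Contents><Key>photos/1001.jpg</Key></Contents>"
        b"<Contents><Key>photos/1002.jpg</Key></Contents></ListBucketResult>"),
    # how it should look: anonymous listing refused
    "https://chat-media-example.fra1.digitaloceanspaces.com/messages/": Probe(
        403, "application/xml", b"<Error><Code>AccessDenied</Code></Error>"),
}


def fake_probe(url: str) -> Probe:
    """Offline stand-in for http_probe that serves the canned responses above."""
    return FAKE_RESPONSES.get(url, Probe(404, "", b""))


if __name__ == "__main__":
    candidates = extract_storage_urls(SAMPLE_STRINGS_DUMP)
    for url, verdict in audit(candidates, fetch=fake_probe).items():
        print(f"{verdict:16} {url}")
```

Run against a real app you are authorized to test, `http_probe` replaces `fake_probe`; the API host is filtered out on purpose, since the question here is only whether the media store answers anonymous requests. A `protected` verdict on the bucket root does not by itself prove that individual objects require credentials, so object URLs recovered from the app should be probed as well.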
The images were not only profile photos: they included pictures sent in private messages, and even some that moderators had removed from the apps but that remained in storage. Nazarovas said that leaving such material unprotected poses a significant risk to the platforms' users. Malicious actors may already have found the images and used them for blackmail, and users living in countries hostile to LGBT people face additional danger.
M.A.D Mobile said in an email that it was grateful to the researchers for finding the vulnerability before it led to a data breach. An M.A.D Mobile spokesperson said: "We appreciate their work and have taken the necessary steps to address this issue. Additional updates to the application will be released on the App Store in the coming days." The company did not answer questions about where it is headquartered or why, after repeated warnings from the researchers, it took months to resolve the issue. That silence leaves open questions about its commitment to user security.
Security researchers usually wait for a vulnerability to be fixed before publishing, so that users are not exposed to further risk. Nazarovas and his team chose to go public on Thursday, while the problem was still unresolved, because they were concerned that the company was taking no steps to fix it. He said, "This is always a difficult decision, but we believe the public needs to know how to protect themselves." The case illustrates the judgment call a researcher faces when a vendor ignores a report.
The case recalls the 2015 breach of Ashley Madison, a dating site marketed to married people seeking affairs, in which attackers stole a large amount of customer data. That breach remains a stark reminder of what inadequate protection of sensitive data costs the people whose data it is.