Science

Massive online database left over 42 MILLION user records from dating apps exposed


Massive online database exposed over 42 MILLION dating app users’ records, including IP addresses, location data and usernames

  • A security researcher discovered the database online and said it wasn’t secured
  • The leaked data includes usernames, IP addresses, geolocation data and ages
  • Data appeared to come from dating apps like Cougardating, Mingler and others 

A Chinese database has exposed 42.5 million user records that were mined from a range of popular dating apps. 

The database was discovered by security researcher Jeremiah Fowler, who said it was not password protected and the majority of the records appeared to be from US users. 

Worryingly, the data left exposed included users’ IP addresses, geolocation data, age and usernames. 

Scroll down for video 

A Chinese database has exposed 42.5 million user records that were mined from a range of popular dating apps. The data included IP addresses, geolocation data, ages and usernames

A Chinese database has exposed 42.5 million user records that were mined from a range of popular dating apps. The data included IP addresses, geolocation data, ages and usernames 

WHAT DATA WAS INCLUDED? 

The database included 42.5 million user records from an array of dating apps. 

Among the apps affected were Cougardating, Christiansfinder, Mingler, Fwbs (friends with benefits) and TS Dating.

Info in the database included: 

  • Account names
  • Geolocation data 
  • Users’ ages
  • IP addresses 

Among the dating apps the information was pulled from include Cougardating, Christiansfinder, Mingler, Fwbs (friends with benefits) and TS Dating.

Fowler used the records of users’ ages, location and account names to identify them on other apps and services and verify they’re real.  

‘Finding several of the users’ real identity was easy and only took a few seconds to validate them,’ Fowler wrote in a blog post breaking down his findings. 

‘Nearly each unique username I checked appeared on multiple dating sites, forums, and other public places. 

‘The IP and geolocation stored in the database confirmed the location the user put in their other profiles using the same username or login ID,’ he added. 

Fowler attempted to contact the database owner to get it taken down, but his emails and calls went unanswered. 

As a result, the database is still online and unsecured, but Fowler chose to disclose his findings in an attempt to generate user awareness, particularly for those who might have been swept up in the leak. 

It's not clear who owns the unsecured database. Fowler checked the site's domain registration and found that a subway line in Lanzhou, China was listed as the owner's address

It’s not clear who owns the unsecured database. Fowler checked the site’s domain registration and found that a subway line in Lanzhou, China was listed as the owner’s address

It’s not clear who owns the database. Fowler checked the site’s domain registration and found that a subway line in Lanzhou, China was listed as the owner’s address. 

When he called a number associated with that address, a message said the phone had been disabled. 

Fowler said he also attempted to contact the developers behind the apps but in many cases, the only way to find contact information was to download the app, which seemed risky.

‘I am not saying or implying that these applications or the developers behind them have any nefarious intent or functions, but any developer that goes to such lengths to hide their identity or contact details raises my suspicions,’ Fowler said. 

‘Call me old fashioned, but I remain skeptical of apps that are registered from a metro station in China or anywhere else.’

While some personal data like usernames and locations was shared, Fowler noted that, luckily, no personally identifiable information was shared, which includes real names, physical addresses or social security numbers.   



READ SOURCE

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.