Over 1.5 million users of a group dating service had their private data exposed because of a vulnerability in the app. The app, named ‘3fun’, revealed data including their location.
The dating site called 3fun calls itself a private space that allows you to meet locally based ‘kinky’ and ‘open-minded’ people. The data however was not private. In fact Ken Munro, founder of Pen Test Partners called it the worst security for any dating app they’ve ever seen.
The organization found out that the app leaked precise location, photos and details of nearby users.
Further, because of the lacking security of the app, researchers also found out that they could spoof their location, and reveal sensitive information on basically anyone in places including government buildings and military bases.
