Privacy

Facebook Dating has just expanded its service to include two more countries: Mexico and Argentina.

The social media giant’s new dating platform launched in 2018, and was first introduced to Facebook users in Colombia, and then later in Canada and Thailand. Mexico and Argentina are the latest countries to join the rollout.

According to CNET, Facebook also revealed some new features it will be adding to its dating service soon. “Auto Profile Create” does just what it implies – it can automatically generate a profile for you by gathering photos and information from your existing Facebook account, making it easier to get started. Users have the ability to edit or remove information in the auto-generated profile, or they can opt to build one from scratch.

February might be the season of love, but recent reports of hacking incidents may have you thinking twice before opening your favorite dating app. OkCupid is the subject of not one but two such stories - first a report revealing the dating site has denied a data breach despite multiple users’ claims of their accounts being hacked and stolen, and now the discovery of a security flaw from Israel-based cybersecurity firm Checkmarx.

According to researchers at Checkmarx, a vulnerability in the Android version of OkCupid’s mobile app could have exposed users to attacks of varying severity from cybercriminals. Bad actors could exploit the flaw to monitor usage of the app, read messages, track a user’s geographic location, send links with self-replicating malware or impersonate the victim.

“The disruptive potential of this attack is frightening as it is not hard to implement, it is not easy to detect by a typical user, and has high ​confidentiality​, high integrity​ and high ​availability​ impact,” said researchers in a post explaining the potential impact of the flaw.

Users of the popular dating app Coffee Meets Bagel woke up to a surprise on Valentine’s Day. Instead of looking at matches, they were greeted with a notice from the company saying some of their personal data had been hacked.

According to a report from CNN, the data breach occurred a few days before on February 11, but CMB executives were trying to assess the situation and the extent of the damage. In their notice, the company stated that an “unauthorized party gained access to a partial list of user details.”

Their email goes on to say: “The affected information only includes your name and email address prior to May 2018. As a reminder, we never store any financial information or passwords.”

Another day, another privacy scandal for Facebook.

A new investigation by TechCrunch reveals that Facebook secretly paid a number of users, including teenagers as young as 13, to install an app that gave the tech giant extensive access to their personal data. Users ages 13 to 35 were paid up to $20 per month plus affiliate fees to install the iOS or Android “Facebook Research” VPN app that tracked their smartphone and web activity, a program referred to in some documentation as “Project Atlas.”

Facebook has reportedly given personal data of its users to an exclusive roster of preferred companies such as AirBnB, Netflix and Lyft, even after claiming it had limited this data-sharing practice. One of the companies Facebook shared information with was dating service Badoo.

According to The Daily Beast, the British Parliament released 250 pages of documents, including internal communications between Facebook employees, regarding the secret data sharing practice. This potential scandal comes in the wake of Facebook’s launch of a new dating platform. Critics have been skeptical of whether or not people will feel comfortable joining in light of the privacy issues, and the latest news doesn’t look good for Facebook.

Facebook changed its data sharing practices with third party apps back in 2014 to restrict access, which affected many small app development companies like Six4Three that mined Facebook user data. The developer claimed in a lawsuit against Facebook that the social media giant favored lucrative companies and was willing to share data with them.

As internet usage grows, so does the number of devastating data breaches that expose sensitive personal information. The online dating industry is no stranger to hacks hoping to exploit the extensive amount of personal data users share in their profiles, with services like FriendFinder Networks, Ashley Madison, Mate1 and Plenty of Fish falling victim to high profile attacks.

The latest company to join that list is Momo, one of China’s most popular dating apps. Data from 30 million users of the app is reportedly for sale on the Chinese dark web for just CNY 200 (approximately $30 USD).

In a post published on Sina Weibo on December 3, user @lxghost1989 shared a series screenshots entitled “database of 30 million Momo users” with a comment saying, “Momo’s database is quite cheap.” The data for sale includes phone numbers and passwords, and was supposedly obtained on July 17, 2015 via a method known as credential stuffing. This technique uses stolen account credentials - typically username and password pairs - to fraudulently gain access to other accounts that use the same login credentials. Individuals who use identical usernames and passwords across multiple accounts are highly vulnerable to this kind of attack.