Technical Issues

Critical Security Vulnerability Discovered In OkCupid Android App

Technical Issues
  • Contributed by:
  • Views: 99

February might be the season of love, but recent reports of hacking incidents may have you thinking twice before opening your favorite dating app. OkCupid is the subject of not one but two such stories - first a report revealing the dating site has denied a data breach despite multiple users’ claims of their accounts being hacked and stolen, and now the discovery of a security flaw from Israel-based cybersecurity firm Checkmarx.

According to researchers at Checkmarx, a vulnerability in the Android version of OkCupid’s mobile app could have exposed users to attacks of varying severity from cybercriminals. Bad actors could exploit the flaw to monitor usage of the app, read messages, track a user’s geographic location, send links with self-replicating malware or impersonate the victim.

“The disruptive potential of this attack is frightening as it is not hard to implement, it is not easy to detect by a typical user, and has high ​confidentiality​, high integrity​ and high ​availability​ impact,” said researchers in a post explaining the potential impact of the flaw.

Coffee Meets Bagel Users Get Hacked on Valentine’s Day

Technical Issues
  • Contributed by:
  • Views: 86

Users of the popular dating app Coffee Meets Bagel woke up to a surprise on Valentine’s Day. Instead of looking at matches, they were greeted with a notice from the company saying some of their personal data had been hacked.

According to a report from CNN, the data breach occurred a few days before on February 11, but CMB executives were trying to assess the situation and the extent of the damage. In their notice, the company stated that an “unauthorized party gained access to a partial list of user details.”

Their email goes on to say: “The affected information only includes your name and email address prior to May 2018. As a reminder, we never store any financial information or passwords.”

OkCupid Denies Data Breach Despite User Reports Of Hacked Accounts

Technical Issues
  • Contributed by:
  • Views: 116

Is OkCupid the latest dating platform to fall victim to hackers? That depends on who you ask.

A news story from TechCrunch reports that an OkCupid user reached out to the tech news site after a hacker broke into his OkCupid account, reset his password and changed the email address on file. OkCupid instantly accepted the address change, he said, without sending an email asking for confirmation that the change was correct. When he contacted OkCupid’s customer service about the issue, he was told the company was “not able to provide any details about accounts not connected to your email address.”

The user is now locked out of his account with no way to reset his password and regain access. Making matters worse, the hacker began harassing him with “strange text messages” from his phone number that was taken from one of his private messages.

Tinder Outage Frustrates Users During Dating’s Busiest Season

Technical Issues
  • Contributed by:
  • Views: 100
Down Detector for Tinder

Tinder users were frustrated earlier this month when they tried to message and browse matches on the app, but instead got recurring error messages. The app was down for several hours starting at around 5:00am PST on Tuesday January 8, according to reports.

Users across Europe, the U.K. and the U.S. experienced problems sending and receiving messages, as well as server connection errors according to news website CNET. Some users also reported that they were unable to login at all.

Photos Of 6.8 Million Users Exposed By Latest Facebook Bug

Technical Issues
  • Contributed by:
  • Views: 119

Facebook is closing out a troubling year with even more bad news. On December 14, the company revealed that a software bug had exposed the photos of millions of users to outside developers. This latest privacy misstep reportedly involves up to 1500 apps by 876 developers and may have affected as many as 6.8 million users.

For an app to be affected by the bug, it had to have been approved by Facebook to access the photos API as well as authorized by users to access their photos. A spokeswoman declined to provide a list of developers who had access to the photos to The Guardian, saying only that Facebook does not think all of them took advantage of that access while it was available.

Tomer Bar, an engineering director at Facebook, explained the details of the bug in a post on the company’s developer blog.

"No Evidence" User Accounts Were Compromised After Facebook Hack, Says Tinder

Technical Issues
  • Contributed by:
  • Views: 194

Tinder users can breathe easier this week. Following the Facebook hack that compromised 50 million user accounts, Tinder has announced there is "no evidence” to suggest its own accounts have been breached as a result.

On Friday, September 28, news of the hack broke. An unknown attacker, or attackers, exploited a weakness in the social network’s systems to take over millions of accounts, gaining access to their profiles, photos, friend lists and, possibly, private messages. More than 90 million users were logged out of their accounts by Facebook as a precaution, including the accounts of company CEO Mark Zuckerberg and COO Sheryl Sandberg. It is one of the most significant cyber attacks in Facebook’s history.

"We do not yet know whether these accounts were misused but we are continuing to look into this and will update when we learn more," Facebook CEO Mark Zuckerberg said in a blog post published on Friday.