Gay dating app pays out after leaking users’ nudes
The gay dating app Jack’d must pay out $240,000 (£189,000) for publicly exposing users’ nudes online.
According to the BBC, the app owner knew about the security flaw for a whole year before doing anything about it.
The flaw was reported by a cyber-security expert in February 2018, and was only fixed in February 2019.
According to a press release from New York Attorney General Letitia James, who reached the settlement with parent company Online Buddies, the nude photos of 1,900 members of the LGBT+ community were leaked.
She also ordered the app to implement a “comprehensive security program,” and to commit to resolving security issues promptly in the future.
More from PinkNews
James said: “The app put users’ sensitive information and private photos at risk of exposure and the company didn’t do anything about if for a full year just so that they could continue to make a profit.
“This was an invasion of privacy for thousands of New Yorkers. Today, millions of people across the country — of every gender, race, religion, and sexuality — meet and date online every day, and my office will use every tool at our disposal to protect their privacy.”
The app allows users to upload private photos which are only viewable to people the user has selected.
The dating app put users at risk of violence and discrimination by exposing photos
The feature is intended to allow users to exchange intimate photos securely and privately, however all photos were uploaded to an open web server making them vulnerable to exposure.
The security flaw did not require someone to even have a Jack’d account, therefore anyone with an internet browser would have been able to access the private photos.
Users who had their photos exposed could have been outed, putting them at risk of violence, discrimination, or, if living in a country where homosexuality is still a crime, punishment or prison time.