Cybersecurity and ethical hacking firm Gizmodo has published a report mentioning that around 70,000 photos of Tinder female users have been leaked and exposed in a forum dedicated to cybercrime, a fact that raises concern among the cybersecurity community due to the potential malicious use of exposed files.
In a statement, public forces for the attention of sexual assaults in New York City confirmed the incident, noting that the images were discovered on a popular website among cybercriminals, dedicated to the sale of malicious software. In addition to the thousands of images, a text file containing about 16,000 unique user identifiers was also leaked. This figure could be the main indicator of the number of Tinder users affected.
It is not yet known why these photos were collected; however, the mere existence of this database calls into question the security measures of the dating app, as well as showing the ability of threat actors to compromise confidential details in such a way. According to ethical hacking experts, criminals could use these images for extortion and harassment against the victims of the incident.
Speaking to Gizmodo, a representative of the dating app mentioned that Tinder employees are strictly prohibited from taking these files to external platforms, in addition to announcing actions against this incident: “We are taking action to remove any data posted on platforms outside of Tinder.”
However, Aaron DeVera, a researcher collaborating as a cybercrime analyst for New York City, believes it will be virtually impossible for Tinder to remove information posted on external platforms, although he offered the company responsible for this app his full collaboration.
This is not the first similar incident that occurred in Tinder. A couple of years ago, ethical hacking specialists from the International Institute of Cyber Security (IICS) reported the leaking of more than 40,000 photos of Tinder users in the US, allegedly used to create a database of facial records for test a biometric sensing system. Although Tinder recognized this incident as a security breach and promised measures to prevent similar incidents in the future, things don’t seem to have improved much for users of this network.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.