Connect with us

Hi, what are you looking for?

Social Media

Dating app suffers data leak exposing its entire userbase (Includes interview)

Online dating app Heyyo’s server was not password protected and and issue with the server led to the app’s entire userbase being exposed online. The data exposed included the following, according to ZDNet:

Names, Phone numbers, Email addresses, Dates of birth, Gender, Height, Profile pictures and other images, Facebook IDs for users who linked their profiles, Instagram IDs for users who linked their profiles, Longitude and latitude, Who liked a user’s profile, Liked profiles, Disliked profiles, Superliked profiles, Blocked profiles, Dating preferences, Registration and last active date, and Smartphone details.

The unsecured server was discovered by security researchers at WizCase. What is of greatest concern is that the exposed information included user location, meaning that bad actors could leverage this info to stalk impacted users.

Commenting on the data breach to Digital Journal, Eve Maler, vice president of innovation & emerging technology, ForgeRock, says that the type of serve is noteworthy: “Heyyo joins Glynk as another dating app to suffer from a significant data leak due to an exposed Elasticsearch database.”

She also notes the significance of the information: “The leaked user data is more than enough information for hackers to launch spear-phishing or extortion campaigns—where bad actors leverage users’ dating life and habits as blackmail—similar to the Ashley Madison extortion scheme. This instance shows how in addition to cyber threats, there are real-world, physical dangers that can result from security issues.”

In terms of lessons for businesses, Maler says security is key: “Many Elasticsearch database breaches and leaks stem from organizations leaving their servers unprotected with no password. However, with cybercriminals constantly crafting and innovating sophisticated attacks, an organization’s security efforts should not stop there.”

In terms of enhanced security, she recommends: “Online dating services and all other organizations need to take the extra step to safeguard their databases by investing in comprehensive identity and access management tools. By deploying a modern identity and access management (IAM) solution that provides intelligent, contextual and continuous security and has the capability of demanding further identity validation after detecting abnormal behavior, like multifactor authentication (MFA), companies can ensure the safety of their data and maintain the trust of their users.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


Semi trucks drive along Interstate 70 near Booneville, Missouri on Nov. 1, 2011. KOMUnews/Anna Burkart. CC SA 2.0.Hundreds of B.C. truckers took to the...


Two ballistic missiles fired by Yemeni rebels were intercepted and destroyed over the UAE capital Abu Dhabi on Monday.


Beijing warned Monday that heavy air pollution is likely during the Winter Olympics.

Tech & Science

The Tonga volcanic eruption unleashed explosive forces that dwarfed the power of the Hiroshima atomic bomb.