Two Dating Apps Under Fire for Security Issues

Two dating apps have come under fire lately for security problems—Ok Cupid for a potential data breach and Jack’d for a vulnerability that left private photos potentially exposed.

• By Jessica Davis
• Feb 14, 2019

Those looking for love online may want to review their account security, depending on the dating apps they use. Two dating apps have come under fire lately for security problems—Ok Cupid for a potential data breach and Jack’d for a vulnerability that left private photos potentially exposed.

TechCrunch reports that multiple Ok Cupid users have contacted them about their accounts being hacked. One reader told TC that a hacker broke into his account and changed his password and email address, fully locking him out of his own account with no way to reset his password.

“Unfortunately, we’re not able to provide any details about accounts not connected to your email address,” said OkCupid’s customer service in response to his complaint. The user then began receiving harassment from the hacker.

Another user eventually got his account back, TC reported, after “quite the battle” and “two days of constant damage control until [OkCupid] finally reset the password for me.”

Multiple users told TechCrunch they weren’t sure how their passwords—unique to OkCupid and not used on any other app or site—had been obtained by hackers. OkCupid has denied any instance of a data breach.

OkCupid spokesperson Natalie Sawyer told TC, “There has been no security breach at OkCupid. All websites constantly experience account takeover attempts. There has been no increase in account takeovers on OkCupid.”

Dating app Jack’d recently caused security concerns when a bug was reported that allowed anyone with the know-how to access and download public and private photos uploaded by users. The bug, now fixed, didn’t require the hacker to use authentication or even sign up for the app, but could have let them download the entire image database.

The bug was finally fixed as of Feb. 7 after researcher Oliver Hough found and reported the security vulnerability to the Jack’d team months ago.

For tips on how to protect your accounts from hackers, click here.