Dating apps have been growing in popularity, especially among millennials, but it appears that with a new study, dating apps aren’t just building new relationships; they’re also sneakily collecting data from users and selling them to third parties.
A ProPrivacy.com survey revealed that more than 70% of users of the popular dating website, Match.com, are vulnerable to data mining. But the researchers said that, amidst the risks that come with signing on to dating apps and websites, users still do it because they are unaware of how much data these apps are collecting from them and how they use it.
Match.com is one of the pioneers in the online dating service, which was first launched in 1995, and has already amassed more than a million paid subscribers, data from Statistica reveals. Its holding company, InterActiveCorp (IAC), also owns rival platforms, like OkCupid and PlentyOfFish, and Tinder, the app that revolutionized online dating and introduced the popular “swipe right” and “swipe left” feature.
The researchers and privacy groups are concerned of IAC’s privacy policies and are urging users to become aware of the security risks that entail using services from the company. For example, Match.com is collecting information beyond the typical demographic profile of their users like age, gender, and relationship status citing that that information is needed for their system to create an accurate “match” for each user. According to ProPrivacy.com, because of this policy from Match.com, users are required to submit personal and sensitive information to the platform without any idea of the implications of sharing that information will be.
They are reading your chat history
Clearly, messages are being read by the platform and this doesn’t sound good for users especially if they are not careful of what information they share with their matches over the platform. And since the company is storing that information in their system, breaching into their firewalls can open up a plethora of cyber attack vulnerabilities for the users.
Hackers can exploit their systems to gain access to your data
For instance, once a hacker can get access to the system of Match.com, they will also have access to private information, intimate messages, and sensitive images shared by users across the platform. If this information gets into the hands of wrong people, they can use them to blackmail and extort money from the victims, similar to what happened in the 2015 Ashley Madison attack that exposed 36 million users of the dating site for cheaters. Worse, these data can also be used by sophisticated criminals to launch high profile and believable phishing campaigns against their victims.
Three months ago, lesbian dating app Rela, popularly used in China, was discovered by Victor Gevers, a tech researcher from GDI. Foundation, to have exposed the data of more than five million users, including their private and intimate status updates, which some contains some form of personal identification. Geolocations, for those who allowed the app to access, were also exposed in the database that was not protected by a password.
In a private chat, Gevers told Z6Mag that the dating app, Rela, had a “serious security issue for years.” He said that the database with all the user data was freely accessible to anyone, including cybercriminals and anti-gay movements, with Elasticsearch via a web browser.
“The privacy of people is very important. And I assume that for people who use these services, they should not be worried about their privacy and safety. But we have seen countless examples of dating apps for LGBTQ which were not secured at all,” Gevers told Z6Mag.
When asked for comment regarding the privacy issues raised by ProPrivacy.com, an IAC spokesperson said that the company has “no comment.”