Hi Guys,

The dating app Grindr has just fixed a security vulnerability that allowed anyone to hijack and take control of any user’s account using only their email address.

Just by knowing the email address of a user, a hacker could create their own password reset link and hijack the account, gaining instant access to a user’s pictures, videos, private messages and more. The problem has now been fixed but to be on the safe side go and change your password.

Wassime Bouimadaghene, a French security researcher, originally uncovered the vulnerability in September and when he tried to warn them, Grindr ignored him for several weeks and then fixed it. Are their other problems that have not been exposed yet? Will Grindr even listen if a friendly hacker shows other holes?

Be careful what information you share on dating apps, regardless of how secure they say they are.

Thanks,

Max Roberts,
Incognito Privacy Care Team