The quest to find true love is a difficult one indeed. Many a lonely hearts around the world who couldn't find their 'special someones' through the more traditional means of dating resort to online dating apps such as Tinder, OkCupid and Plenty of Fish (PoF) for doing just that.
However, some of these people seeking love and companionship or simply a one night stand may need to update their profiles right now. No, not to get better matches or responses but to safeguard themselves from a serious data breach that has affected one of the world's most popular dating apps.
Plenty of Fish suffers from serious data breach
Popular dating app Plenty of Fish, which reportedly has some 150 million users registered on its database worldwide, has revealed that the app has suffered a serious data breach and has issued a patch for its mobile app. The security threat was discovered by a security researcher who found a vulnerability in the mobile app was leaking information that users had set to "private" on their profiles.
The data breach was discovered by a security researcher who goes by the pseudonym, 'The App Analyst.' The researcher found that both the Android and iOS versions of Plenty of Fish app, as well as the dating sites web-based app were affected by the breach.
Leaked information included ZIP codes
PoF said in a statement that the leaked information may have included the users first names and postal ZIP codes. Dating apps such as PoF and Tinder ask users to provide personal data like ZIP codes and location access in order to help tailor their matches and show local matches or matches nearby.
The apps also allow users to set what information they would like to be shown publicly and what information they would like to be hidden and shown only to their matches or people their contacts while signing up for the service.
Although the sites say that the "private" information will not be displayed to the public, the information can still be accessed via the app's API using freely available tools. And hackers may use these free tools to access these hidden data, putting the users at risk not just online but also in the real world.
Fix rolled out
Meanwhile, Plenty of Fish was quick to act and has rolled out a fix for the issue. The dating app has also confirmed that privacy concerns are no longer present in the app's API. However, it encourages users to update their profiles to display preferences to ensure that their personal information is not at risk.
This is the second incident involving a dating site in recent times. Just a few weeks back, a gay dating app called Grindr was involved in another issue where users were robbed and attacked in the pretence of false meetings.