B.C.-based dating app, Plenty of Fish, has released a fix for a bug in its app that leaked users’ private information.
The information that could have been leaked included data that users’ had set to ‘private’ in their profiles. This included information such as users’ postal codes.
Although the leaked data was not immediately visible to app users, it could have been accessed by using free tools that can analyze network traffic. A researcher was able to reveal the information on his phone. In one instance, the researcher was able to find out where one user lived, he told TechCrunch.
“This data which is explicitly stated as ‘Not displayed in profile’ is being returned via the API and not being rendered in the user profile. Plenty of Fish is being truthful in stating that the data is not ‘displayed’ when your profile is viewed, however, a technical savvy user would be able to access that data,” the researcher explained in a post.
There are more than 150 million people worldwide who are currently registered on Plenty of Fish. The company has said that the fix for the bug was issued earlier this month.
Source: TheAppAnalyst, TechCrunch
