Dating Apps User Information Leaked Online

From Privacy Wiki
Jump to navigation Jump to search
Dating Apps User Information Leaked Online
Short Title Explicit Photos and Other Personal Information of Users Was Found Available Online
Location Global
Date June 2020

Solove Harm Insecurity, Exposure, Breach of Confidentiality
Information Identifying, Communication, Physical Characteristics, Sexual, Behavioral, Contact
Threat Actors Cheng Du New Tech Zone, Amazon, 3somes app, Gay Daddy Bear app, Herpes Dating app, Cougary app, Xpal app, Casualx app, SugarD app, GHunt app

Affected Users of dating apps
High Risk Groups Medical Patient, LGBT
Tangible Harms

845 GB of data including personal information of users of dating apps that cater specific groups and interests were found leaked online.


In June 2020 security researchers stumbled upon a collection of publicly accessible Amazon Web Services trove of data from a different specialized dating app, including 3somes, Cougary, Gay Daddy Bear, Xpal, BBW Dating, Casualx, SugarD, Herpes Dating, and GHunt. This were 845 gigabytes of data and close to 2.5 million records, likely representing data from hundreds of thousands of users.

The information was particularly sensitive and included sexually explicit photosExposure and audio recordings, screenshots of private chats from other platforms and receipts for payments, sent between users within the app as part of the relationships they were building. As a user of one of these apps one doesn’t expect that others outside the app would be able to see and download the data.Breach of Confidentiality

All of the apps seemed to come from the same source, they were listed "Cheng Du New Tech Zone" as the developer on Google Play.

Security researchers claim, this isn’t an Amazon problem, but the problem of the organization that developed these apps messing up the configuration and sloppily storing the data. This is an example of Insecurity.

The data has since been secured.

Laws and Regulations