Dating App Leaks Personal Details Of Millions Of Users. A security flaw in the dating app RAW has exposed the personal details of millions of users. An investigation by TechCrunch found that a security flaw in the app exposed sensitive information such as users’ names, dates of birth, sexual and dating preferences, and real-time addresses to the internet.
TechCrunch claims that the app’s negligence could have easily exposed a user’s location or even the street where their home is located.
RAW, which was released in 2023, introduced a feature that required users to take daily selfies, claiming to make interactions between users more authentic. The app, which has been downloaded more than half a million times from the Google Play Store so far, has been reported to have seriously violated users’ personal privacy.
This week, the company announced the launch of its new hardware, ‘Raw Ring.’ It claims to analyse data, including a partner’s heartbeat through AI, to detect cheating.
The company said it had fixed the flaw after being notified of the security flaw. “We have secured all vulnerable data endpoints and have implemented additional security measures to prevent this from happening again in the future,” said Marina Anderson, co-founder of Raw.
But the company did not directly inform users that their details had been exposed. The company said only that it would submit a report to regulators.
According to security analysts, the problem in the app is due to a flaw called IDOR (Insecure Direct Object Reference). Under this, any user can easily access the private information of other users.
Now, the company has fixed the security flaw, and the public server will no longer return user data, TechCrunch has reported.
