![]() ![]() ![]() When registering Plenty of Fish states that they won't display certain information about the user such as their income level, marital status of their parents, or number of siblings. Plenty of Fish was made aware of this issue and has issued a fix.Ī users location is found based on their home ZIP code provided by the Plenty of Fish API With the recent Grindr attacks dating platforms should be very careful with how they share their users location information as it could be used by criminals to harass or attack their users. With the API revealing both a users first name and the general location of their home it's not outside the realm of possibility that a malicious actor could leverage this data to locate the users of Plenty of Fish. This sensitive data included a users first name, even when they requested for it not to be shown, and the ZIP code of the users home. ![]() Unfortunately the responses also contained user data which was potentially sensitive. Initial analysis of the Plenty of Fish API showed responses contained generic logging and app data. December 18th: Confirmed privacy concern no longer present in API.November 5th: Fix is developed and tested.October 20th: Plenty of Fish made aware of revealed location within API responses.Meet up based attacks leveraging dating apps have been in the news recently with criminals using Gridr, the online dating application geared towards gay, bi, and trans people, to lure and assault users. Their entire user-base is reported to be ~100 million users with ~400k online at any given time.Īfter providing a trove of personal information during the registration process Plenty of Fish allows you to begin matching with other users in your area. Their service is distributed via their Android and iOS apps as well as their web application. Plenty of Fish is a Canadian online dating service. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |