Group Dating Service 3Fun Exposed Data For 1.5 Million Users

From Zine Libraries Wiki
Revision as of 07:22, 28 September 2019 by TeresitaFarber4 (Talk | contribs) (Created page with "-text c-gray-1" >Yet another dating service is learning about the dangers of data vulnerablilities. Pen Test Partners discovered that threesome-oriented app 3Fun left 1.5 mill...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

-text c-gray-1" >Yet another dating service is learning about the dangers of data vulnerablilities. Pen Test Partners discovered that threesome-oriented app 3Fun left 1.5 million users' data exposed, including precise locations, sexual orientation and even private photos. You only needed to spoof your location to glean information from people in a given area. While you could restrict positional info from the app, that filtering didn't apply on the servers -- a nosy person just had to query the service's framework to find someone's claimed whereabouts.

While that data would be sensitive in most any context, it could be particularly damaging with an app like 3Fun. An attacker could have used the info for extortion, scams or stalking knowing that many of the victims might be hesitant to let this knowledge escape into the wild. The consequences wouldn't necessarily be as dire as they were with the Ashley Madison breach, but they could still have been serious.

To its credit, 3Fun fixed the issue within a few weeks of Pen Test notifying the company on July 1st. The concern is that 3Fun exposed this information in the first place. It didn't just reflect a lack of concern for users' security, it jeopardized their trust. Dating apps rely on privacy and discretion as a matter of course, and users could quickly jump ship if they don't feel their info is truly secure.

Via: TechCrunch Source: Pen Test Partners In this article: 3fun, app, dating, gear, internet, privacy, security, sex All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. Comments 106 Shares Share Tweet Share Save Popular on Engadget
Logitech just bought the software of choice for many top streamers
View The 40mm Apple Watch Series 5 comes with a new battery design
View 'Star Wars Jedi: Fallen Order' trailer teases new story details
View DoorDash security breach affects nearly 5 million users
View Oculus CTO John Carmack on the VR challenges of the Quest and Rift S
View From around the web

nude asian mature