Grindr flaw allowed hijacking accounts with just an email address

0

While Grindr quickly fixed the issue after hearing from Hunt, the incident underscored the platform’s shortcomings when it comes to security. And that’s a huge problem when the dating app caters to individuals whose sexual orientations and identities could make them a target for harassment and violence. This isn’t the first security issue Grindr has had to deal with. Back in 2018, it had a couple of flaws that risked exposing a user’s location. Earlier this year, the Norwegian Consumer Council published a report accusing Grindr and other dating services of spreading sensitive information, such as GPS locations.

Grindr chief operating officer Rick Marini told TechCrunch that in response to the discovery of this particular flaw, it’s taking additional steps to tighten its security measures. It’s making it easier for researchers to report security issues, and it vows to announce a new bug bounty program “soon.”

“We are grateful for the researcher who identified a vulnerability. The reported issue has been fixed. Thankfully, we believe we addressed the issue before it was exploited by any malicious parties.

As part of our commitment to improving the safety and security of our service, we are partnering with a leading security firm to simplify and improve the ability for security researchers to report issues such as these. In addition, we will soon announce a new bug bounty program to provide additional incentives for researchers to assist us in keeping our service secure going forward.”

For the latest tech news and updates, Install TechCodex App, and follow us on Google News,  Facebook, and Twitter. Also, if you like our efforts, consider sharing this story with your friends, this will encourage us to bring more exciting updates for you.

Source

Get real time updates directly on you device, subscribe now.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. AcceptRead More