Security breaches in relationship apps and social media: here are some cases
Social media gained strength in the 2000s, when the Internet became popular in Brazil. According to the Global Digital Overview 2020 survey, Brazilians spend, on average, 3 hours and 31 minutes logged on social media. Therefore, the country ranks 3rd among those that spend more time on these platforms. The uses of these types of apps go much beyond simply connecting people, ranging from professional networking, such as LinkedIn, to relationship apps, such as Tinder and OkCupid.
When we sign in on social media or relationship apps, we provide some personal data, such as our full name, date of birth, occupation, and even the places we go every day. Through a minimal security breach, this personal data can end up in the wrong hands and cause serious damage.
Data leaks in relationship apps
In 2017, Tinder was hacked and 40 thousand user photos were leaked. In this specific case, American programmer Stuart Collini, for example, used these photos to conduct his research, seeking to understand how machines recognize human faces. The programmer and the company that managed Tinder denied that any personal user data had leaked and that the security breach that allowed the access had already been corrected.
Another data leak case involving relationship apps took place with OkCupid, an online dating platform. Researchers at the online security company Check Point discovered serious breaches in the platform's security, which allowed intruders to spy on user data and commit malicious acts. The breaches found in the apps for Android and the Web allowed authentication tokens and user IDs to be stolen, as well as other personal information, such as email addresses, preferences, and sexual orientation. In addition, Check Point researchers reported that sharing links on OkCupid could make it easier for attackers to collect personal user data. The company that owns the relationship app OkCupid declared that the breaches have already been solved.
Security breaches in social media
It is not only relationship apps that can present security breaches and cause data leaks. Social media platforms, such as Facebook, are also subject to security breaches. In 2018, a vulnerability in Facebook jeopardized 50 million accounts. Problems with code related to the "View as" function - which allows the users to see their profile as it appears to other people - allowed access tokens to be stolen. Facebook fixed the bug and, for security reasons, reset the access tokens of 90 million users, in order to prevent further personal data leaks.
This security breach on Facebook ended up having an impact on other platforms, such as Tinder and Spotify, since many users of these platforms use Facebook to log into their accounts, a process known as Single Sign-On (SSO). However, Facebook has not made it clear whether this social media security breach has put the personal data of users of other social media that use the SSO process at risk.
Social media and relationship apps are already part of our lives, and that is why we increasingly feed these platforms with our personal data. To avoid negative consequences caused by security breaches, it is essential to know how to protect your data on social media and relationship apps. With Hacker Rangers you learn about cybersecurity through gamification: a fun and healthy way to protect your personal information on the Internet. For more information, visit hackerrangers.com.
Article translated from: Falhas de segurança em aplicativos de relacionamento e redes sociais: Conheça alguns casos — Perallis Security