CheckPoint disclosed its findings to OKCupid, and developers have fixed the flaws within 48 hours. Fortunately, OKCupid says no users were impacted by the vulnerabilities. But as CheckPoint points out, this is a reminder that, while dating apps contain sensitive and personal information, they may not be as safe as we’d like.
“Our research into OKCupid, which is one of the longest-standing and most popular applications in their sector, has led us to raise some serious questions over the security of dating apps,” CheckPoint said in a statement. “The fundamental questions being: how safe are my intimate details on the application? How easily can someone I don’t know access my most private photos, messages and details?”
OKCupid has also fought spam messages, and its peer apps have battled everything from catfishing to creeps. Bumble asks users to verify their identities with selfies. Earlier this year, a study accused Grindr, OKCupid and Tinder of sharing sensitive data. OKCupid specifically was accused of sending data on drug use, ethnicity and political views to the analytics firm Braze.
In a statement shared by CheckPoint Research, OKCupid said:
“Check Point Research informed OkCupid developers about the vulnerabilities exposed in this research and a solution was responsibly deployed to ensure its users can safely continue using the OkCupid app. Not a single user was impacted by the potential vulnerability on OkCupid, and we were able to fix it within 48 hours. We’re grateful to partners like Check Point who with OkCupid, put the safety and privacy of our users first.”