A security lapse at dating app Raw publicly exposed the personal data and private location data of its users, TechCrunch has found.
The exposed data included users’ display names, dates of birth, dating and sexual preferences associated with the Raw app, as well as users’ locations. Some of the location data included coordinates that were specific enough to locate Raw app users with street-level accuracy. Raw, which launched in 2023, is a dating app that claims to offer more genuine interactions with others in part by asking users to upload daily selfie photos. The company does not disclose how many users it has, but its app listing on the Google Play Store notes more than 500,000 Android downloads to date.
Read more…
Source: TechCrunch News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- FBI: Compromised US Academic Credentials Identified Across Various Public and Dark Web Forums
May 26, 2022
The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publically accessible forums. This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations. Cyber actors continue to conduct attacks against US ...
- Ex-spymaster and fellow Brexiteers’ emails leaked by suspected Russian op
May 26, 2022
Emails between leading pro-Brexit figures in the UK have seemingly been stolen and leaked online by what could be a Kremlin cyberespionage team. The messages feature conversations between former spymaster Richard Dearlove, who led Britain’s foreign intelligence service MI6 from 1999 to 2004; Baroness Gisela Stuart, a member of the House of Lords; and Robert Tombs, ...
- Millions of people’s info stolen from MGM Resorts dumped on Telegram for free
May 25, 2022
Miscreants have dumped on Telegram more than 142 million customer records stolen from MGM Resorts, exposing names, postal and email addresses, phone numbers, and dates of birth for any would-be identity thief. The vpnMentor research team stumbled upon the files, which totaled 8.7 GB of data, on the messaging platform earlier this week, and noted that ...
- GM credential stuffing attack exposed car owners’ personal info
May 24, 2022
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed some customers’ information and allowed hackers to redeem rewards points for gift cards. General Motors operates an online platform to help owners of Chevrolet, Buick, GMC, and Cadillac vehicles manage their bills, services, and redeem rewards points. Car ...
- Engineering firm Parker discloses data breach after ransomware attack
May 16, 2022
The Parker-Hannifin Corporation announced a data breach exposing employees’ personal information after the Conti ransomware gang began publishing allegedly stolen data last month. Parker is an Ohio-based corporation specializing in advanced motion and control technologies, with a strong focus in aerospace hydraulic equipment. It has a revenue of $15.6 billion and employs over 58,000 people. Parker-Hannifin says ...
- Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests
March 30, 2022
Apple Inc. and Meta Platforms Inc., the parent company of Facebook, provided customer data to hackers who masqueraded as law enforcement officials, according to three people with knowledge of the matter. Apple and Meta provided basic subscriber details, such as a customer’s address, phone number and IP address, in mid-2021 in response to the forged “emergency ...