Priyanka Tiwari
Share
Cybernews researchers have uncovered a significant privacy breach involving several dating apps. Platforms like BDSM People, CHICA, TRANSLOVE, PINK, and BRISH reportedly leaked personal user data, including private chat images and profile photos. The total number of leaked images reached nearly 1.5 million, exposing users to serious privacy risks.
How Did the Leak Happen?
The main cause was poor security practices. These dating apps stored user images in Google Cloud Storage buckets without password protection. Additionally, critical information like API keys and database credentials were left visible in the app code, creating an open door for cybercriminals.
What Was Exposed?
The leaked data included:
Profile pictures
Private photos shared in chats
Profile verification images
Photos previously removed by moderators
One of the worst affected apps, BDSM People – Kinky Fetish Dating, exposed over 541,000 images, while CHICA – Selective Luxy Dating leaked approximately 133,000 images.
Why It’s a Serious Privacy Concern
This data leak puts users at real risk. Beyond embarrassment, leaked photos can be used for blackmail or scams. For users in countries where LGBTQ+ relationships are criminalized, this breach can have dangerous implications.
Even though usernames and email addresses weren’t exposed, reverse image search and similar tools can still help cybercriminals identify individuals.
Who's Behind These Apps?
All the affected apps are operated by M.A.D Mobile Apps Developers Limited. So far, the company has not responded to inquiries from Cybernews.
The problem goes beyond these few apps. Cybernews analyzed 156,000 iOS apps and found that 71% leaked sensitive data, such as passwords or encryption keys—showing a widespread issue across the app ecosystem.
Read More: Android Auto 14.0 Stable Update Released Globally With Gemini Live Integration
--Advertisement--
