Gay dating app agrees to pay out £189,000 after users’ nude photos leak

Private photos and information were available for anyone to access

Sirena Bergman
Saturday 29 June 2019 16:21 BST
Jack’d is not the first dating app to face concerns over its handling of users’ data
Jack’d is not the first dating app to face concerns over its handling of users’ data (iStock)

A dating app has agreed to pay $240,000 (£189,000) as part of a settlement after private photos of its users were leaked last year.

Jack’d, which describes itself as the world’s “most culturally diverse gay dating app”, has more than 6 million users around the world, made up primarily of gay and bisexual men.

The app includes a feature which allows users to post private images, which should have only been accessible to people who were specifically selected.

In February 2018, cyber-security researcher Oliver Hough allegedly reported a flaw which meant the private photos, as well as other sensitive information such as device IDs and location, were available publicly.

But Online Buddies, which owns the app, failed to fix the problem until a year later in February 2019.

New York Attorney General Letitia James announced a settlement on Friday 28 June, by which Online Buddies will pay the $240,000 to New York state and implement improved security measures to prevent any similar incidents in the future.

The state argued that “the app’s interface has explicitly and implicitly represented that the private pictures feature can be used to exchange nude images securely and, more importantly, privately”.

It also claimed that Jack’d had around 7,000 active New York users, around 1,900 of whom had “private images that could be nude photographs”.

James said in a statement released this week that the company knew of the issue and “didn’t do anything about it for a full year just so that they could continue to make a profit.”

Adam Segel, CEO of the parent company, told The Independent: “Online Buddies became aware of a potential security flaw in the Jack’d app that was corrected earlier this year.

"We apologise to our users for this flaw. We worked closely with, and cooperated fully with, the New York attorney general’s office in their investigation of this matter.”

He continued: “With new leadership and stronger security measures in place, Jack’d users can continue to rely on the security of their personal data. We greatly value all of our Jack’d users throughout the world and wish all in our community a happy and healthy pride.”

Jack’d is not the first dating app to face concerns over its handling of users’ data.

Last year, Grindr came under fire after it was revealed that the app was sharing HIV status information with third-party companies, while a Facebook hack left millions of Tinder accounts vulnerable.

Most famously, Ashley Madison, which was aimed at people looking for extramarital affairs, was hacked in 2015, leading user identities to be leaked. It was subsequently subject to a US Federal Trade Commission investigation and a $576m (£454m) class-action lawsuit was filed against the company.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in