Cyber security news for all


    User-sensitive Data Leaked by 5 Dating Apps

    At WizCase, IT researchers detected privacy breaches and data leaks on dating apps in East Asia and US. Some user data that was found to be exposed included sensitive information of users; like their names, profiles, private messages, phone numbers and billing addresses. Misconfigurations on the database of the 5 dating apps led to the exposure of user data. Millions of profiles were leaked and the AWS buckets, Elasticsearch servers and MongoDB databases used to host those websites had been exposed to the public without security authentication or password protection.

    These sites and apps were involved: Charin and Kyuun, YESTIKI, Kongdaq/Congdaq, Blury and CatholicSingles.

    YESTIKI: This dating app in the US leaked user data in a breach; that included the phone numbers, real names as well as activity logs of users. 4300 records culminating to 325MB were leaked through MongoDB server.


    Very sensitive information of users such as their age, payment methods, phone numbers, education, occupation, billing addresses, internet activity and physical activities were breached.

    Charin and Kyuun

    The Elasticsearch server used by the Charin and Kyun dating applications in Japan leaked 102,000, 000 customer records; that included sensitive user data such as personal preferences, email addresses, mobile device information IDs and cleartext passwords.


    123,000 user records were exposed by this South Korean application through the Elasticsearch server. Sensitive data such as user gender, GPS location, date of birth and cleartext passwords were exposed.


    The Elasticsearch server led to the breach of 70,000 user data on the Korean Blurry app.

    WizCase believes that those data breaches could’ve been done through a process of collecting and storing information given by users; known as ‘Web Scrapping’.

    Exposed data can lead to a huge menace when the data is used by malicious individuals who can create cases of harassment, blackmail, identity theft and even stalking.

    To keep your data safe, ensure that your passwords are complex, give little information on dating apps/websites; avoid using one password for all your accounts and be careful of the information you give out on websites and applications.

    Recent Articles

    Police warn of a scam with fake websites on the Airbnb

    The apartment is centrally located and costs less: what looks like a great offer could be an attempt at fraud. The police in Europe...

    Significant increase in attacks with macOS specific macro malware

    Security researcher Patrick Wardle has observed a significant increase in attacks with macOS specific macro malware. As he explained in his lecture on Wednesday...

    China controls news with offline and online media

    The relationship between western countries and China is ambivalent. Only as a cheap production location and increasingly also as a basis for sales and...

    Russia’s GRU hackers hit the U.S. government and energy targets

    Some hackers have notoriety when it comes to the execution of their breach. GRU is one of these "elite" hacking gang. GRU is a Russian...

    U.S Offers $1 Million Bounty Reward for SEC Hackers

    (Left) Artem Radchenko (Right) Oleksandr Ieremenko   Two Ukrainians nationals, Viacheslavovich Radchenko and Oleksandr Vitalyevich Ieremenko are on the run from the law. The announcement did not...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox