Online Buddies, the parent of gay dating app Jack’d, has been instructed to pay $240,000 to around 1,900 users in New York following a personal image leak.
A programming bug allowed attackers to access private images that would usually be ‘locked’ (only accessible by specific matches when the owner permits it). The app’s policies allowed nudity in these locked folders.
The issue was reported several months before a fix was implemented, prompting criticism from commentators in the LGBTQ community.
Attorney General Letitia James said in a press release: “This app put users’ sensitive information and private photos at risk of exposure and the company didn’t do anything about it for a full year just so that they could continue to make a profit.
“This was an invasion of privacy for thousands of New Yorkers. Today, millions of people across the country — of every gender, race, religion, and sexuality — meet and date online every day, and my office will use every tool at our disposal to protect their privacy.”
Jack’d has over 6 million users. Of the 7,000 impacted by the bug in New York, around 4,000 had private images attached to their account. Around 2,000 nude images are estimated to have been vulnerable.
Adam Segel, CEO of Online Buddies, told The Independent: “We apologise to our users for this flaw. We worked closely with, and cooperated fully with, the New York attorney general’s office in their investigation of this matter.
“With new leadership and stronger security measures in place, Jack’d users can continue to rely on the security of their personal data. We greatly value all of our Jack’d users throughout the world and wish all in our community a happy and healthy pride.”
Read more here.