1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Major data breach at popular hookup app leaks data on millions of

    From TechnologyDaily@1337:1/100 to All on Wed Jun 11 21:30:07 2025
    Major data breach at popular hookup app leaks data on millions of users - see if you're safe

    Date:
    Wed, 11 Jun 2025 20:29:00 +0000

    Description:
    A dating site kept an open database on the internet, but claims it contained test data.

    FULL STORY ======================================================================Cybernew s found an unescured MongoDB instance belonging to Headero The database contained millions of records and PII It has since been locked down, but
    users should still be on their guard

    Security researchers from Cybernews have reported uncovering a massive
    MongoDB instance belonging to a dating and hookup app called Headero.

    The database contained more than 350,000 user records, more than three
    million chat records, and more than a million chat room records.

    Among the exposed data are names, email addresses, social login IDs, JWT tokens, profile pictures, device tokens, sexual preferences, STD status, and
    - extra worryingly - exact GPS locations. No evidence of abuse

    Cybernews reached out to the apps developers, a US-based company named ThotExperiment, which immediately locked the database down. The company told the researchers that it was a test database, but Cybernews analysis indicates that it could have been actual user data, instead.

    Unfortunately, we dont know for how long the database remained open, and if any threat actors accessed it in the past. So far, there is no evidence of abuse in the wild.

    Human error leading to exposed databases remains one of the most common
    causes of data leaks and security breaches.

    Researchers are constantly scanning the internet with specialized search engines, finding massive non-password-protected databases almost daily.

    These leaks can put people at risk, since cybercriminals can use the information to tailor highly convincing phishing attacks, through which they can deploy malware , steal sensitive files, and even commit wire fraud.

    Headero users are advised to be extra vigilant when receiving unsolicited messages, both via email and social platforms.

    They should also be careful not to download any files or click on any links
    in such messages, especially if the messages carry a sense of urgency with them. If they are using the same password across multiple services, they should change them, and clear sessions / revoke tokens in apps, where possible. You might also like Top US dental firm spills over 8 million user files online Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/major-data-breach-at-popular-hookup-app -leaks-data-on-millions-of-users-see-if-youre-safe


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)