You would think a dating app that knows your sexuality and HIV status would take thorough precautions to keep that info protected, but Grindr has disappointed the world once again — this time, with a gobsmackingly egregious security vulnerability that could have let literally anyone who could guess your email address into your user account.
Luckily, French security researcher Wassime Bouimadaghene discovered the vulnerability, perhaps before it could be exploited, and it’s now been fixed.
Unluckily for Grindr, the company ignored his disclosures — until security researcher Troy Hunt (of Have I Been Pwned) and journalist Zack Whittaker (of TechCrunch) each confirmed the issue and wrote about it.
The details need to be seen to be believed…