Experts warn intimate photos of Feeld app users may be exposed

TLDR:

• Users of the dating app Feeld may have had intimate photos accessed due to security vulnerabilities.
• Cybersecurity experts uncovered the issues, including potential access to messages, private photos, and user details.

Users of Feeld, a dating app focused on alternative relationships, may have had sensitive data compromised as cybersecurity experts discovered security vulnerabilities in the app’s systems. Despite reporting soaring revenues and profits, Feeld faced concerns about potential access to messages, private photos, and user details earlier this year. The cybersecurity firm Fortbridge found that attackers could exploit weaknesses in the app’s security and access potentially sensitive information, such as reading messages and viewing attachments without a Feeld account. These vulnerabilities also allowed for the editing, deletion, and recovery of chats, as well as potential manipulation of user profiles.

Feeld stated that it handled the concerns promptly, resolving them within two months, and claimed that there was no evidence of user data being breached. The company did not disclose the vulnerabilities publicly to prevent potential manipulation of private information and planned to inform users directly about the fixes. Although Feeld did not report the issues to the information commissioner’s office, it may face repercussions if any user data was accessed. The app’s security flaws also raised concerns about identifying LGBTQ+ individuals in countries where homosexuality is illegal.

Feeld emphasized its commitment to members’ safety and security, welcoming collaboration with ethical hacking communities to strengthen its platform. While Fortbridge identified and reported the vulnerabilities, Feeld acknowledged that it had not adequately communicated the resolution process to the firm. The company stated that it has addressed all issues brought to its attention, except for one related to non-members accessing premium features, and highlighted its improved ability to conduct security tests on its systems moving forward.