Around 70,000 photos of Tinder users have been stolen and distributed by a cyber-crime website; it has been reported.
The offenders only stole photographs and data from female accounts, and it is worried that the images could be used to set up bogus profiles for catfishing scams.
The photos were found by cybersecurity firm White Ops and were followed by a text file containing approximately 16,000 unique Tinder user IDs, according to media reports.
It is unclear accurately what the images will be used for, but it could be to target and harass the users themselves or to create fake user profiles on other stages.
Aaron DeVera, a researcher at the cybersecurity company White Ops, told they found the images on a website recognized for trading in malicious software.
It is also likely that the information could also be utilized to train a facial recognition product.
A Tinder official told Gizmodo that the use of any images or information outside the confines of the app is undoubtedly prohibited.
The firm said it would take whatever steps it could to have the data eliminated offline.
DeVera said that he is especially disturbed by the fact that whoever amassed the profile data is ‘very openly aiming female-presenting users.’
‘Dumps of data such as this typically bring fraudsters, who use it for making extensive collections of convincing false accounts on other platforms.
‘Stalkers might do this in a more targeted manner, to add to a bunch of data to use against an individual. Long-term concerns are that these images could be used for fraud and privacy violations.’
He also hinted that ‘raunchy’ images could be among those flowed, saying: ‘Given the context of this being a dating app, there are images a person may not necessarily want offering to the public.’
It arrives as some dating apps were found to have been leaking individual information to advertising tech firms in a possible violation of European data privacy laws.
This was shown by a report from the Norwegian Consumer Council on Tuesday.
The council, a government-funded charitable group, commissioned cybersecurity company Mnemonic to study 10 Android mobile apps.
It discovered that the apps sent user data to at least 135 different third-party services included in advertising or behavioral profiling.