Over 70,000 Tinder Profiles of Women Just Got Dumped on a Cyber-Crime Forum
…Aaron DeVera, a member of New York City’s task force on cyber sexual assault, told reporters they discovered the images on a website known for trading in malicious software. (We aren’t disclosing the website’s name for obvious reasons.)
The dump is also accompanied by a text file containing some 16,000 unique Tinder user IDs, which could be the total number of users affected.
The reason the photos were collected remains unclear, but their availability to cybercriminals has raised serious concerns that it may be used to commit illegal acts; to target and harass the users themselves; or to generate fake user profiles on other platforms for some other malicious purpose.
Perhaps the least threatening scenario—which may still have far-reaching consequences for the privacy of the women—is that some unscrupulous developer or company, unconcerned with consent, is now using the photos to train a facial recognition product. It wouldn’t be the first time this has happened.
Contextual clues, including particular phone models like the iPhone X seen in the photographs, as well as limited metadata, suggest that many of the (mostly) selfies were taken in recent years. Some of the photos, in fact, contain timestamps dated as recent as October 2019.
A Tinder official told Gizmodo by phone that use of any photos or information outside the confines of the app is strictly prohibited. The company would take whatever steps it could, they said, to have the data removed offline.