Headless torso shots and dark sunglasses may not have been enough to protect some Grindr users' accounts from unauthorized access by a "hacker."
According to an article written by Ben Grubb of Australia's Fairfax Media, the popular gay hook-up app for phones and tablets has been found to have security vulnerabilities. The article claims that an unnamed hacker created a website which listed users' pseudonyms. It then granted access to certain abilities associated with those accounts.
The URL of the website was not specified in the article, and the site is supposedly inactive now. But it allegedly allowed one to "impersonate" Grindr users to send out messages as those users and to change their profile pictures.
Grubb's article specifically discusses the accounts of Australian users but claims the hacker could "search for any Grindr user regarless of their location."
The alleged flaw is described as having to do with a "hash" shared between users' phone apps. Grubb says his media company spoke with Grindr's founder, Joel Simkhai, about the matter. Simkhai replied that he was "certainly aware" of the potential problems, and "they will be fixed as fast as humanly possible."
Simkhai is also quoted as giving reassurances about the security of chat messages sent between users.