Metro Weekly

Gay dating app Manhunt hacked, exposing thousands of users’ data

Manhunt said it was hacked in February, but didn't alert users that their data had potentially been stolen

Manhunt, gay, app, dating, hack, user, data
Images: Nicolas Hirajeta, Manhunt

Gay dating app Manhunt has revealed that it was hacked in February, exposing the data of thousands of users.

In a statement to the Washington state attorney general’s office, Manhunt said a hacker had “gained access to a database that stored account credentials for Manhunt users.”

The hacker had then “downloaded the usernames, email addresses and passwords for a subset of our users in early February 2021.”

An attorney representing Manhunt told TechCrunch that 11% of users were impacted by the breach, but failed to provide specific figures.

Manhunt claims to have six million users, meaning more than 600,000 people were potentially affected. In Washington state alone, 7,700 people were affected, the company revealed.

Questions have been directed at Manhunt’s handling of the breach, given the lack of notice to its users. One month after the hack, on March 11, Manhunt tweeted that “all Manhunt users are required to update their password to ensure it meets the updated password requirements.”

No other communication was provided to notify users that their data had potentially been stolen, until noticed was filed with the Washington state attorney general.

Manhunt isn’t the first dating app to face issues surrounding exposing user data. Earlier this year, Norway’s Data Protection Authority told Grindr it faced an almost $12 million fine for allegedly sharing users’ personal data, including profile and location data.

In 2019, BBC News reported that Grindr and other gay dating apps Recon and Romeo were exposing the exact location of their users.

Also in 2019, gay dating app Scruff purchased a competitor, Jack’d, after the latter was fined for exposing its users’ private photos.

In 2018, Grindr admitted to sharing users’ HIV status with two outside companies, which it said was for testing purposes. The data being shared was so detailed — including users’ GPS data, phone ID, and email — that it could be used to identify specific users and their HIV status.

Another insight into Grindr’s data security policies came in 2017 when a D.C.-based developer created a website that allowed users to see who had previously blocked them on the app — information that is normally inaccessible.

Grindr’s location data was so specific that it was rumored to be part of the reason why the U.S. government branded it a potential national security risk and forced its former Chinese owners to sell the company.

Read more:

Disney Parks employees can have “gender-inclusive hairstyles” in new inclusive dress code

North Dakota lawmakers send transgender athlete ban to governor to sign into law

Oscars 2021 predictions: Who will scoop the night’s biggest prizes?

Support Metro Weekly’s Journalism

These are challenging times for news organizations. And yet it’s crucial we stay active and provide vital resources and information to both our local readers and the world. So won’t you please take a moment and consider supporting Metro Weekly with a membership? For as little as $5 a month, you can help ensure Metro Weekly magazine and remain free, viable resources as we provide the best, most diverse, culturally-resonant LGBTQ coverage in both the D.C. region and around the world. Memberships come with exclusive perks and discounts, your own personal digital delivery of each week’s magazine (and an archive), access to our Member's Lounge when it launches this fall, and exclusive members-only items like Metro Weekly Membership Mugs and Tote Bags! Check out all our membership levels here and please join us today!