As many as 42.5 million records of users of different dating apps were found in a single Chinese database that doesn’t have a password protection, a security researcher has said.
Jeremiah Fowler on May 25 discovered a non-password protected Elastic database that was clearly associated with dating apps based on the names of the folders.
“The IP address is located on a US server and a majority of the users appear to be Americans based on their user IP and geo-locations. I also noticed Chinese text inside the database,” Fowler wrote in Security Discovery on Tuesday.
The security researcher believed the database’s owner was also Chinese.
“Upon further investigation I was able to identify dating apps available online with the same names as those in the database. What really struck me as odd was that despite all of them using the same database, they claim to be developed by separate companies or individuals that do not seem to match up with each other,” Fowler added.
The database, however, did not include financial information.
According to the CyberScoop, Fowler wasn’t implicating the developers behind the apps of doing anything nefarious, the fact that they’d gone to such lengths to conceal their identities was inherently suspicious.