Tinder, the popular mobile dating app that matches people based on how they rate each other’s photographs, briefly exposed the physical location of its users to other people on the service.
The location information wasn’t visible in the app. But the data files sent to each user’s phone, which could be accessed through a simple hack, contained sensitive information about people recommended by Tinder, including their most recent location while using the app. It also included their Facebook ID, which could be used to identify someone by first and last name.
Tinder hasn’t disclosed the privacy slip to its users, but it confirmed the issue after Quartz asked about it, saying the data was only exposed for a few hours this weekend. ”We had a very, very, very brief security flaw that we patched up very quickly,” Tinder CEO Sean Rad said. “We were not exposing any information that can harm any of our users or put our users in jeopardy.”
Users are asked to share their location with Tinder so the app can recommend people within a certain distance. To make that feature work, Tinder has to record the last known location of each user. Rad noted that, to preserve battery life, Tinder doesn’t store as precise a location as it could. And the location is only as recent as the last time someone used the app.