October 3, 2020 | technology | No Comments
The popular LGBT+ hook-up app Grindr has fixed a glaring security flaw that allowed hackers to take over any account if they knew the user’s registered email address, TechCrunch reports.
Wassime Bouimadaghene, a French security researcher, originally uncovered the vulnerability in September. But after he shared his discovery with Grindr and was met with radio silence, he decided to team up with Australian security expert Troy Hunt, a regional director at Microsoft and the creator of the world’s largest database of stolen usernames and passwords, Have I Been Pwned?, to draw attention to an issue that put Grindr’s more than 3 million daily active users at risk.
Hunt shared these findings with the outlet and on his website Friday, explaining that the problem stemmed from Grindr’s process for letting users reset their passwords. Like many social media sites,