An enormous amount of photos, audio records, private chats, payment receipts for “particular performances”, and other sexual explicit information of about hundred of users in many sexual dating apps were online and available by anyone. This was discovered by the Vpn Mentor investigator that found sensible data in a database of 845 gigabyte with like 2.5 million of record only in a Amazon Web Services (AWS) account and probably due to a unique developer called “Cheng Du New Tech Zone” who is mentioned in a recurrent way in this database founded into the web from computer security experts.
The material was too significan with recognizable faces of the data subjects and refered to many apps on Google Play Store and on the App Store, among which Cougary, Gay Daddy Bear, Xpal, BBW Dating, Casualx, SugarD, Herpes Dating e GHunt, and revealed particular sexual orientation and some “bad habits” that for many people can be weird in case of disclosure, as for example dates for sexual group activities and couple exchanges, dates between homosexuals with other youngest gay people, among older men and teenagers often just under the age of 18, and also among Herpes sufferers, highlighting in this last case also health data.
Apparently, the cause of the exfiltration of the data in the archive taken from the sexual dating apps is not attributable to a hacker breach or liability by the Amazon provider, but the data breach is rather due to a clumsy configuration of the archive that made it possible to access it potentially by anyone.
Both Vpn Mentor investigators and many journalists have tried to contact the controller which is the Cheng Du Ne Tech Zone, a chinese app developer famous in USA, but no answer has arrived yet.
Meanwhile, more than thousand of users run the risks of being put through the online wringer and in other serious
negative consequences on their images or their reputations, like extortions from attackers that can blackmail them not to disclose compromising material. At best, if the danger didn’t materialize at all, in many cases app users in this period might say goodbye to their privacy and not sleep soundly at all.
SOURCE: FEDERPRIVACY