Hacking Cupid: 4 Ways Online Dating Puts Your Privacy at Risk

If you’re seeking out the right romantic partner, you’re almost certainly considering online dating. If you do tap the internet for love, you’re not alone — nearly 40 percent of the nation’s single people use online dating services.

While dating service providers differ wildly — from all-inclusive sites like Match.com to more, ahem, niche sites like FarmersOnly.com — most offer the same core features: an interface for learning about and meeting potential dating partners, messaging capabilities and tools for setting up dates. Many also provide “match-finding” features, which leverage user-provided data to pair people who should be compatible. Many sites offer free basic features, then offer more advanced capabilities, such as match finding, on a subscription or fee basis.

There’s no arguing that dating sites have their benefits — just about everyone knows at least one person who was successfully hooked up through an online service. However, they also carry a number of cyber risks. So before you jump into the online dating world, you should understand the privacy and cyber security pitfalls involved … and what you can do to stay protected.

  1. Extended use of data. When you create your profile and interact with a data site, you provide all sorts of data to the operator — everything from who you are to what you do. These companies not only store this information, but they may use it for purposes beyond the site’s normal functions. For instance, they could use demographic details, preferences and/or browsing behavior to target advertisements from partners. Or they might hand data over to researchers for a study. In one recent case, a group of Danish researchers published the personal information of 70,000 users of dating site OKCupid, claiming that these details were “already public.”
    None of this is to say that you shouldn’t provide any information to sites like this. After all, you’re not going to look very attractive to anyone if they don’t know anything about you! But consider only providing part of the story. For instance, you can mention that you’re the CEO of a small tech startup … but avoid providing the actual name of that company.
  2. Location leaks. Several dating services use geolocation features of mobile devices to show what users are nearby and how far away they are. University of Kyoto researchers analyzed this capability in the gay dating app Grindr and its competitors Hornet and Jack’d, revealing that it could be used to identify the precise location of a user. Even with options disabled to reveal distance, users could be pinpointed within a few feet. Sure, this is a great feature in that it tackles a very practical hurdle of figuring out where the person you want to meet is. However, if you’re concerned with the idea of being “trackable,” or are otherwise concerned for your security, we recommend taking measures to disable the geolocation option on your
  3. Dating sites can be (and often are) vulnerable to abuse by predatory users. Scammers will use phony profiles to trick users in to sending money to a foreign account, luring them in by pretending to be a love interest. Sexual offenders and stalkers might also use the site to pursue victims — a serious safety concern that has prompted several states to pass laws related to online dating safety disclosures.
  4. Weak security and vulnerabilities. Dating sites can have security flaws that may lead to compromised data and even safety concerns. You should take precautions on any site that does not use the HTTPS protocol to encrypt your data. An extension for Firefox and Chrome browsers called “HTTPS Everywhere” can implement this protocol on these sites. Additionally, sites may not scrub uploaded photos of metadata, which may include location information and other sensitive data. For this reason, you shouldn’t use photos downloaded from other social sites like Facebook or Twitter.

Gotham Security doesn’t do dating, so you’ll have to find love elsewhere. But if you’re looking for cyber security expertise in the finance, healthcare and retail sectors, we do offer a full suite of compliance and risk management services, as well as security assessment services tailored specifically to your organization.

To learn more about how we can be the perfect match for your organization’s cyber security efforts, contact us at 917.734.4120 or info@gotham-security.com.