Catalin Cimpanu reports:
Online dating app Heyyo has made the same mistake that thousands of companies have made before it — namely, it left a server exposed on the internet without a password.
This leaky server, an Elasticsearch instance, exposed the personal details, images, location data, phone numbers, and dating preferences for nearly 72,000 users, believed to be the app’s entire userbase.
The leaky server was brought to ZDNet‘s attention last week by security researchers from WizCase, who asked us to help investigate this security incident.
Read more on ZDNet.
Updated: You can access WizCase’s report on their site.