Hot hookup app Tinder reportedly had a major security flaw that let people see another person’s exact location for “much of 2013,” according to information security firm Include Security.
The vulnerability reportedly allowed any Tinder user to find another user’s location as long as they had the app running. If the app wasn’t running, you could still determine that user’s last location.
We first saw the news on Businessweek.
Using an algorithm called “Trilateration,” researchers were able to get the exact latitude and longitude coordinates for any Tinder user. But what’s really problematic is that anyone with basic programming skills could accomplish this by simply tapping into Tinder’s API, according to Include Security.
The team says it first notified Tinder in October, but didn’t hear back from the company until December. The hole was patched sometime before Jan 1., 2014, according to Include Security.
This isn’t the first time Tinder has exposed its users’ locations. Back in July, Tinder “very briefly” exposed user location data.
Business Insider has reached out to Tinder and will update this story if we hear back.
Business Insider Emails & Alerts
Site highlights each day to your inbox.