Gay dating app Jack’d must pay 1,900 users in New York for failing to prevent their nudes from leaking.

New York Attorney General Letitia James announced a settlement with Online Buddies (the company who owns Jack’d) to pay the users a total of $240,000 (£189,000).

Attorney General James said private photos were ‘vulnerable to exposure’ due to a lack of substantial security.

‘This app put users’ sensitive information and private photos at risk of exposure,’ said Attorney General James via a press release. ‘And the company didn’t do anything about it for a full year just so that they could continue to make a profit.’

She then added: ‘This was an invasion of privacy for thousands of New Yorkers.

‘Today, millions of people across the country — of every gender, race, religion, and sexuality — meet and date online every day, and my office will use every tool at our disposal to protect their privacy,’ she said.

Jack’d must now implement a comprehensive security program to protect user information. It also needs to ensure they address any future vulnerabilities promptly.

How does Jack’d work?

Photos on the Jack’d app can either appear in a public or private (also known as locked) setting.

All public photos (which cannot contain nudity) are viewable by any user. But users can also unlock their private photos (which can contain nudity) to other specific users.

They can then lock them again, if they choose.

But the Attorney General found Jack’d broke the app’s user privacy policy.

This policy states the company takes ‘reasonable precautions to protect personal information from…unauthorized access [or] disclosure.’

But the lack of security meant almost 4,000 users were at risk of a hack to their private photos.

A study released in February last year showed privacy weaknesses in both Jack’d and Grindr.

Jason Chao said he can prove the apps are not encrypting data sent to third party advertisers. This allows anyone to intercept the data, transfer, and steal it.

Speaking to Gay Star News, Chao says he could find out people’s age, relationship status, and even location coordinates.

‘It surprised me. Vulnerable people who aren’t out use Grindr and Jack’d. The developers should be assessing the apps’s security all around,’ he said.

See also

Major data flaw in two gay dating apps could allow hackers to steal your data

1 in 5 gay men say guys they met via hook-up apps did not respect their sexual limits

Grindr launches super hot clothing line and that’s not even the best part