February 13, 2012, 4:31PM
Online Dating Sites Getting Around With Customers Data
3 CommentsJust in time for Valentine's Day, the privacy watchdogs over at the Electronic Frontier Foundation have put together a guide for those tempted to dance the algorithm electric. Their findings: online dating services may be getting around with your personal data.
Leading online dating sites hold onto customers' data, including profiles and photos, even after those customers have deleted them, EFF found. The report is just the latest to raise alarms about the data retention and privacy policies employed by burgeoning social networks, including Facebook.
Dating sites may hold onto profiles after a user believes he or she has deleted it to make it easier for users who have second thoughts to reactivate their account. Its harder to explain away the sites' poor data security, EFF said. Dating sites reviewed by EFF had failed to implement HTTPS - or secure HTTP- leaving users vulnerable to man in the middle attacks, especially on insecure WiFi hotspots. Worse still, many of the sites have been shown to be riddled with security holes. In a recent incident, the Web site Grindr was compromised, allowing attackers to impersonate other users on the network, which connects gay men with potential partners. The Web site for PlentyOfFish, was also rumored to be the target of an attack that compromised the personal information of its 30 million users, according to published reports.
Editor's Pick
The EFF recommends that users of online dating sites should first make sure that their dating profile isn't publicly indexed by Google. Users who want to maintain a separation between their real life and online dating profile also want to be careful about the photos they upload. Image search and facial recognition technologies are becoming more accurate, allowing motivated parties to use photos and other data to connect multiple online personas that may belong to the same person.
Finally, the EFF cautions users about the sale of their personal data to third-party marketing companies, which, depending on the privacy policy everyone must agree to you, is used anonymously or not-so-anonymously to target advertisements.
Commenting on this Article is closed.
Today's Most Popular
- Anatomy of a LulzSec Attack 'Singles Out' Web 2.0 Weakness
- Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops
- OPINION: Are Anonymous Members Forged in the Crucible of IT Compliance?
- Google to Notify Users of DNSChanger Infections Ahead of July 9 Deadline
- Facebook Cancellation Malware Disguised As Adobe Update Making Rounds
Most Commented Stories
Newsletter Sign-up
Take Our Poll
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you
Connect to anything
20%
Only connect to password-protected, secure connections
38%
Only use websites with HTTPS
28%
I don’t pay attention to how I access the internet while traveling
14%
Total votes: 65
Follow Threatpost
 |  |  |  |
| Tumblr |
Comments
Not surprising. They've been using deceptive and outright false advertising online and in spam for so long to dupe hopeful singles, that this isn't very much of a stretch for their record of awful ethics.
Nice information bits and this topic has various perspective to view like TCP/IP protocols have long been subject to man-in-the-middle (MITM) attacks, but the
advent of SSL/TLS was supposed to mitigate that risk for web transactions by providing
endpoint authentication and encryption. web site attack is like chained hub continuing the attacks in all its host websites.
"web site attack is like chained hub continuing the attacks in all its host websites."
wtf??