Exploit: Authentication flaw.
Jack’d: Location-based chat and dating application.
Risk to Small Business: 1.888 = Severe: Even after The Register informed app developers of the security vulnerability over three months ago, the code for the Jack’d dating app still contains a serious flaw. Anyone can currently search and download photos from a web browser without needing to log in or register an account. Hackers can easily connect such photos to individuals and leverage them for extortion. The parent company known as Online Buddies has also avoided responding to the issue.
Individual Risk: 2.571 = Moderate: Users should be worried that the company has done nothing to correct or report the security incident to their customers. Not only is this breach unmitigated, but there may also be others that the app team has not disclosed. Additionally, the photos that users have previously posted can be linked to individuals through the scores of data that hackers already have.
Customers Impacted: To be determined
How it Could Affect Your Customers’ Business: Companies that do not respond to the threat of breaches are singled out in news headlines, resulting into reputation that declines exponentially until it reaches free fall. In order to feel protected, customers, want to know that online applications are investing in detection that can warn them if their data is being used in an inappropriate manner.
ClearYolk to the Rescue: We help you proactively monitor if customer data is being leaked on the Dark Web, helping reduce the losses incurred from such a breach.
