Dating app Jack’d may have allowed millions of photographs from users to become public due due to a flaw in their systems.

The BBC have reported that a researcher made company aware of the risks people’s privacy over a year ago but it seems little was done to correct the problem until the issue was raised in the media this week.

It is claimed that anyone who had a web browser may have been able to access the images, even if they didn’t have a Jack’d account of their own.  The photos that could be found online were not just profile photos, but also private images.

The app Jack’d has been downloaded more than five million times on the Google Play app store, and is also available through the iTunes store.

The app lets users add ‘private’ photos to their profile, which should be visible to only specific people they have chosen to share them with. Researcher Oliver Hough found that all the photos shared in the app were uploaded to the same open web server, leaving them exposed.

The company has not commented on the situation, or given any advice to users, but it does appear to have fixed the problem.  According to a report at Ars Technica, the website may have also made location data relating to users open to the public.

OIP Staff