Thousands of Tinder Photos Dumped on a Darknet Forum

0
39

  • 70000 of Tinder photos belonging to 16000 users have been bundled and uploaded on the darknet.
  • The reason for this could be the training of a facial recognition AI, or for scamming and extortion.
  • This is almost definitely an abuse of Tinder’s API, which the company is most probably yet to secure properly.

According to recent reports, there’s a new dump circulating the realms of the dark web, consisting of about 70000 Tinder photos belonging to female users of the platform. The discovery of this dump was the work of New York investigators who were roaming the net for malicious software, but they are not revealing any more concrete information so as not to expose the individuals further. Besides the images, the dump also includes about 16000 unique Tinder user IDs, so this could be the total number of the affected individuals.

There are many possible explanations around why someone has decided to collect these images and make a neat collection out of them. Some are using them to create convincing fake user profiles on other platforms, for romance scams or other malicious purposes. Others are using such collections to train AI tools like deepfake generators or facial recognition systems. And others are using these images to target the original owners through extortion, and generally harass them. Since all of the images depict women, uploading this batch for use in “amateur non-nude” adult websites is also a dire possibility, and threatening to do it would serve as an extortion lever.

Whatever the case, the privacy of these women has been breached, and they are now seeing their personal content going well beyond what they intended and agreed to. Tinder responded to this story by confirming that this abuse is outside of what is allowed by the platform’s policies, as images of its users are now being reused without consent. Possibly, Tinder will decide to take action against the person responsible for this, and they hopefully will also do something about the security of the platform’s API. It is highly unlikely that someone collected 70000 recent Tinder user images manually, and without exploiting the company’s API.

A similar incident occurred in 2017 when someone scraped 40000 Tinder selfies by exploiting the platform’s API and used the data for AI training. What Tinder engineers did since that incident to strengthen the platform’s security has remained unclear. Even now, the platform has responded with generic promises and statements that supposedly reflect how serious they take the security and privacy of their users. If all of this is enough for you to seek for a Tinder alternative, you may check out this list. However, please note that another recent investigation has made dire revelations about Grindr and OkCupid too, so keep that in mind.