After leaving users’ private photos exposed for more than a year, the gay dating and hookup app Jack’d has to pay out, literally. The app’s owner Online Buddies has agreed to cough up $240,000 in a settlement with the New York attorney’s office for their negligence with the sensitive data of 7,000 New York users.
As Out reported in February, Jack’d updated the app to close the loophole discovered by cybersecurity researcher Oliver Hough that allowed people to access supposedly private photos uploaded to Jack’d. While reports, at the time said that Hough had emailed Jack’d three months prior, he revealed to Out via screenshots that the emails dated back a year. Jack’d and Online Buddies did not take any action until after Hough went to the press. British tabloid The Register first broke the story.
“I don’t feel they were quick enough to respond and I believe they only rushed to get it fixed after they knew the story was going to be published,” Hough told Out at the time. “I’m glad they have rolled out a fix, though it took too long to get here.” New York Attorney General Letitia James felt similarly.
“This app put users’ sensitive information and private photos at risk of exposure and the company didn’t do anything about it for a full year just so that they could continue to make a profit,” said James said in a statement about the settlement on Friday. “This was an invasion of privacy for thousands of New Yorkers. Today, millions of people across the country — of every gender, race, religion, and sexuality — meet and date online every day, and my office will use every tool at our disposal to protect their privacy.”
In addition to the financial settlement, which will go to the state of New York, Online Buddies must implement a “comprehensive security program.”