Jack’d is paying out money make up for its picture leak.
Earlier this year, we shared with you how a single tech expert Oliver Hough discovered that there was a large hole in Jack’d’s code. It turns out, the company did not properly secure photos and data uploaded using Amazon Web Services Simple Storage Service (S3). That then allowed for anyone to see the location data, public and private photos of Jack’d’s users.
Then it was revealed that Jack’d knew about the problem for a full year before fixing it, and only did so once the problem reached media headlines. Of course, that revelation led to mass complaints against the company and program.
New York Attorney General Letitia James said in a statement, “This app put users’ sensitive information and private photos at risk of exposure and the company didn’t do anything about it for a full year just so that they could continue to make a profit.”
“This was an invasion of privacy for thousands of New Yorkers,” James added. “Today, millions of people across the country—of every gender, race, religion, and sexuality—meet and date online every day, and my office will use every tool at our disposal to protect their privacy.”
Jack’d, which is a gay app primarily used by men of color, then expressed its apologies to users. In addition, the company has announced a payment of $240,000 to New York State as a settlement to right this technological wrong. The company, which is run by parent company Online Buddies Inc., is paying this amount and amping up its security to align with the state Attorney General’s office.
“We apologize to our users for this flaw,” a spokesperson for Online Buddies told Gizmodo in a statement by email. “We worked closely with, and cooperated fully with, the New York Attorney General’s office in their investigation of this matter. With new leadership and stronger security measures in place, Jack’d users can continue to rely on the security of their personal data.”
“Online Buddies became aware of a potential security flaw in the Jack’d app that was corrected earlier this year,” said new CEN Adam Segel. “We apologize to our users for this flaw.”
Segel then added, “With new leadership and stronger security measures in place, Jack’d users can continue to rely on the security of their personal data. We greatly value all of our Jack’d users throughout the world and wish all in our community a happy and healthy pride.”
