Millions of Grindr users may have had their location data sold

Grindr mobile app logo
(Image credit: Shutterstock.com / rafapress)

Dating app Grindr has reportedly been affected by a serious privacy flaw that left the location data of millions of users open to view and steal.

The Wall Street Journal (WSJ) has alleged that the gay dating app suffered issues between 2017 and 2020 due to a flaw in some of its advertising networks.

The problems meant that third parties were able to to purchase data on millions of Grindr users, to be used for any number of purposes without the users knowing anything.

Grindr privacy fears

Citing "people familiar with the matter", the WSJ says that the information first went on sale in 2017, with Grindr ending the practice two years ago to help protect its users from such rampant data collection practices.

However, the WSJ alleges that historical data could still be available, including "the precise movements" of Grindr users. Such practices could have major knock-on effects for users, with the WSJ noting that a US Catholic official was "outed" as a Grindr user last year following analysis of similar data. Homosexuality also remains illegal in several countries, potentially putting user's personal safety at risk if identified

Both the WSJ and Grindr note that personal information such as names, phone numbers or passwords were not available at any point, however details such as a user's home or work address could theoretically be determined by analyzing the location data.

Grindr, which says it has millions of gay, bi, trans and queer users across the world, has hit back against the WSJ's story, dubbing it "old news" and noting that it appears to be targeting the app's userbase.

"Victimizing LGBTQ+ people is despicable, sadly it still happens all the time," Grindr VP of Communications Patrick Lenihan wrote in a blog post concerning the article.

"The Wall Street Journal has run a sensationalized story about the historical vulnerabilities in the adtech ecosystem that were improperly exploited to allegedly obtain data from some of Grindr’s former ad partners. The issues with adtech are real, unfortunately the WSJ is using scare tactics in a ploy for clicks."

"Our users value privacy, and we continue to put our users’ needs first. The issues threatening the LGBTQ+ community are real – issues like homophobia, prejudice, and state sponsored surveillance and violence, among others. Protecting privacy and protecting the LGBTQ+ community is and must be an ongoing effort for all of us."

The company went on to "make abundantly clear" that it takes user privacy extremely seriously, and shares less user information with advertisers now than it previously had. It noted that users are also able to opt out of personalized advertising at any time.

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.