Gay Dating App Manhunt Hacked, Users' Data Exposed

Gay dating app Manhunt was hacked in February, company officials have confirmed .

Manhunt, which claims to have over 6 million user, says a hacker caused a data breach that exposed users' profiles and that the hacker "downloaded the usernames, email addresses and passwords for a subset of our users in early February 2021," according to a statement submitted to the Washington State attorney general.

At first the company didn't disclose how many accounts were exposed in the data breach, but it later revealed that more than 7,700 users were affected in Washington State. Stacy Brandenburg, an attorney representing Manhunt, told Tech Crunch that 11 percent of the app's users were affected in total.

In the statement to the attorney general, Brandenburg wrote, "Manhunt immediately took steps to remediate the threat and secure its systems. Passwords were forced-reset for affected user accounts, and we retained a third-party forensics consultant on behalf of Manhunt to assist us in investigating what happened and confirm that there is no ongoing unauthorized access to Manhunt systems."

Back in March, Manhunt tweeted that users should change their passwords. "At this time, all Manhunt users are required to update their password to ensure it meets the updated password requirements," the company tweeted. "If you are having trouble resetting your password, please follow the provided steps carefully." However, it did not disclose that accounts had been hacked.

Manhunt isn't the first gay dating app to face a data leak like this. In 2019, Jack'd, another gay dating app owned by Online-Buddies Inc. at the time (the owner of Manhunt), faced a security lapse that exposed users' information, location, and private photos. That same year, Rela, a popular dating app for lesbians and queer women in China, left a server unsecured without a password, exposing data like location and sexual orientation of more than 5 million users.

Back in 2018, Grindr, the most popular gay dating app, was found to be sharing data it collected about users' HIV status with other companies. The app was sharing HIV status and "last tested date" as well as GPS data, phone ID, and email of its users with Apptimize and Localytics, two companies that help optimize apps. After the sharing was made public, Grindr announced it would stop sharing the information.