A Brazilian lesbian dating app, Sapphos, was taken offline after a security flaw allowed unauthorized access to usersβ personal data, including photos and ID verification selfies. The developers acknowledged the vulnerability, deleted the user database, and committed to rebuilding the app with stronger security measures. #IDOR #Sapphos #BrazilianCybersecurity
Keypoints
- The Sapphos app required users to verify their identity with selfies and government IDs.
- Independent researchers discovered an IDOR vulnerability in the appβs API, exposing sensitive data.
- The developers responded by taking the app offline, deleting the user database, and issuing refunds.
- Initial claims suggested a malicious attack, but the company admitted a security oversight.
- The team plans to rebuild the app from scratch and implement stronger cybersecurity protocols.
Read More: https://therecord.media/brazil-lesbian-dating-app-shuts-down-vulnerability