|
Dating apps pose U.S.
corporate security risk, says IBM
Send a link to a friend
[February 12, 2015] (Reuters)
- The millions of people using dating apps
on company smartphones could be exposing themselves and their employers
to hacking, spying and theft, according to a study by International
Business Machines Corp.
|
|
 IBM security researchers said 26 of 41 dating apps they analyzed on
Google Inc's Android mobile platform had medium or high severity
vulnerabilities, in a report published on Wednesday.
IBM did not name the vulnerable apps but said it had alerted the app
publishers to problems.
Dating apps have become hugely popular in the past few years due to
their instant messaging, photo and geolocation services. About 31
million Americans have used a dating site or app, according to a
2013 Pew Research Center study.
IBM found employees used vulnerable dating apps in nearly 50 percent
of the companies sampled for its research. Using the same phone for
work and play, a phenomenon known as "bring your own device," or
BYOD, means users and their employers are both open to potential
cyberattacks.
"The trouble with BYOD is that, if not managed properly, the
organizations might be leaking sensitive corporate data via
employee-owned devices," said the IBM report.
IBM said the problem is that people on dating apps let their guard
down and are not as sensitive to potential security problems as they
might be on email or websites.
If an app is compromised, hackers can take advantage of users
waiting eagerly to hear back from a potential love interest by
sending bogus "phishing" messages to glean sensitive information or
install malware, IBM said.
A phone's camera or microphone could be turned on remotely through a
vulnerable app, which IBM warned could be used to eavesdrop on
personal conversations or confidential business meetings. Vulnerable
GPS data could also lead to stalking, and a user's billing
information could be hacked to purchase things on other apps or
websites.
[to top of second column] |
IBM said it had not so far seen a rash of security breaches due to
dating apps as opposed to any other kind of social media.
Meanwhile, it recommends that dating app users limit the personal
information they divulge, use unique passwords on every online
account, apply the latest software patches and keep track of what
permissions each app has.
IAC/InterActiveCorp, which owns some of the most popular dating
apps, said its services were not at risk.
“IBM tested IAC’s dating apps - including Match, OkCupid, and Tinder
- and they were not among the apps found to exhibit the cited
vulnerabilities," the company said in a statement emailed to
Reuters.
(Reporting by Bill Rigby; Editing by Cynthia Osterman and Tom Brown)
[© 2015 Thomson Reuters. All rights
reserved.] Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
