According to the Norwegian security company SINTEF, Grindr, a social network for gays and bisexuals with 3.6 million active users, has shared confidential information of its users without their consent with the external companies Apptimize and Localytics. Within this information there are public data such as name, email and city but also sensitive information such as the exact location via GPS or the HIV status of the user.
Scott Chen, CTO of Grindr, explained that the company uses standard practices to share information with the aim of improving the user experience as do hundreds of highly prestigious companies. He also indicated that the data is not sold to third parties and they are subject to strict contractual terms that do not allow them to share the information.
A few days ago Grindr a researcher managed to use the API features to access restricted information such as unread messages, deleted photos or data on the location of users.