Gay dating app Grindr could have exposed millions of its users' identities, including their locations, even users who opted out of the "show location" feature.
The app was made vulnerable in a similar way Facebook was, when nearly 50 million users had their data improperly gathered by a third party.
Businessman Trever Faden noticed when users signed into his website, a site that allowed Grindr users to see who blocked them, the users' identifying information also became available. Faden has since shut down his website.
A security researcher with the Electronic Frontier Foundation said, "They're putting people's lives at risk by doing that."
That could especially be true in areas where homosexuality is considered a crime or taboo. A report in 2016 said Grindr is available in 196 countries.
Grindr has taken steps toward fixing these loopholes.
