“Make America Date Again!”
That’s the website for the dating app Donald Daters reads. The app is marketed towards Donald Trump supporters who may want to find like-minded people. On Monday, Fox News reported that “users can chat for free when a match is mutual, block any potential liberals that troll them and Donald Daters is open to everyone.”
The app is open in more ways than one. Fox’s report got picked up by various media outlets around the country. Shortly thereafter, a security researcher discovered the app is exposing user information in an open database, including biographical details such as names and profile photos, but also potentially tokens for logging into peoples’ accounts and private messages.
“This is super easy to replicate,” Baptiste Robert, the security researcher who discovered the issue, and who also goes by the handle Elliot Alderson.
Alderson pointed to the apparently misconfigured database which contains the Donald Daters user information. To verify the data did come from Donald Daters, Motherboard created an account on the app, searched for users mentioned in the exposed data, found these through the app itself, and confirmed the profile photos and names matched up.
Although the exposed database also includes alleged private messages between accounts, Robert was unable to confirm their veracity: users can only send messages for free to one another after a Tinder-style match, or if the user pays monthly fee (one month costs $29.99; a year subscription costs $9.99/month.)
The app was downloaded and tested, which, as far as dating apps go, is clunky and seemingly barely functional. Despite stating preferences as “looking for women in New York City,” Motherboard was shown exclusively men who claimed to live in other parts of the country. The app allows users to post publicly as well, and there appeared to only be a few posts. Personality questions on users’ profiles asks them what they are “triggered” by, and numerous things throughout the app are misspelled or nonfunctional. The app also only lets users look at 10 people before locking them out and asking them to pay the $29.99 monthly fee.
In a statement, Donald Daters CEO Emily Moreno said “We have taken swift and decisive action to remedy the mistake and make all possible efforts to prevent this from happening again. Out of an abundance of caution, we have temporarily suspended the chat service on the app while we implement new security protocols.”