Unjected, the controversial anti-vaccine dating platform, faces another bout of scrutiny as a recent security breach exposes the private data of over 35,000 users.
The latest security problem, discovered by security researcher GeopJr, tackles alarming vulnerabilities within the platform's infrastructure. It could compromise user privacy and safety.
Unjected Hit by a Glitch
(Photo : Mufid Majnun from Unsplash)
Unjected, a popular website that promotes anti-vaccine campaigns is now under attack by a glitch. The latest security issue exposes confidential information of some users.
GeopJr's investigation reveals critical flaws in Unjected's security measures, allowing unauthorized access to sensitive user information. The breach exposes personal details, including full names, birthdates, email addresses, and location data of thousands of users. Moreover, authentication issues enable malicious actors to manipulate user profiles and access private messages exchanged on the platform.
Related Article: Issue-Plagued AirPower Charges Apple Watch For the First Time: Is this an Upgraded Prototype?
History of Security Concerns
This isn't the first time Unjected has faced security-related controversies. In July 2022, GeopJr uncovered an open administrator dashboard, granting unauthorized access to crucial site functionalities. Despite attempts to rectify the issue, subsequent glitches and outages persisted, raising concerns among users regarding data protection.
Persistent Security Lapses
Despite being alerted to the security vulnerabilities by GeopJr and the Daily Dot, Unjected has failed to address the issues adequately. Efforts to patch the leak inadvertently exacerbated the situation, introducing additional vulnerabilities, including unauthorized account deactivation.
User Concerns and Insecurity
The breach has left users apprehensive about their privacy and safety on the platform. Direct messages reveal widespread distrust and unease among users regarding Unjected's security practices. Concerns range from potential government surveillance to fears of hacking and data exploitation.
Response and Lack of Transparency
(Photo : Florian Olivo from Unsplash)
After the ransomware attack in May 2020, FTC urged Blackbaud to improve its security to mitigate the impact on the affected people.
Unjected's response to the security breach has been lacking, with no public acknowledgment or assurance of enhanced security measures. Instead, the platform falsely accuses reporters of hacking attempts and offers promotional discounts, diverting attention from the severity of the issue, DailyDot reports.
"At Unjected, we know that we are on all of the government watch lists. Thank you for helping make Unjected the safest place to be for unvaccinated people. We suggest that you now use your hacking skills for good and do something to thwart the New World Order rather than messing with organizations that are fighting for Team Humanity. Someday this will all make sense to you, the anti-vaccine dating site said.
With the recent breach, Unjected users express growing apprehension and dissatisfaction with the platform's handling of sensitive information, Unjected must take immediate action to rectify security lapses and rebuild user trust.
Despite the platform's purported mission, its failure to safeguard user data undermines its credibility and raises questions about its commitment to user privacy.
Read Also: Sunbird iMessage for Android Returns After Shutting Down Due to Security Issues
