Anti-Vaxxers Looking for Love Had Their Data Exposed

Anti-Vaxxers Looking for Love Had Their Data Exposed

These days, if you’re single and ready to mingle, there are a wealth of dating apps to choose from — depending on what you’re looking for. For one-night stands, there’s Tinder; for respectful brunch dates, there’s Bumble; and for people who believe in “liking” instead of swiping, there’s Hinge. Oh, but don’t forget Unjected — a dating app for the unvaccinated that also lets you donate your blood (??) and breastmilk (???).

According to a new report, another unintended feature of this anti-vax site has been that it shares your data with the internet. Until recently, a giant security hole sat unfixed on the website, allowing anyone with the know-how to sneak onto the platform and steal or change information.

The Daily Dot was the first to note that Unjected had a massive security problem on its hands. According to the outlet, a web researcher who goes by GeopJr discovered that the site’s administrator feature was missing basic security and authentication protections. GeopJr says that the site’s administrator dashboard, which allows a person to add or edit user profiles and the site’s webpages, was left totally open to the internet because the site hadn’t been taken out of “debug mode.” Climbing into the admin seat, a cybercriminal could basically steal and edit information from the site at will.

To test this, the Dot even set up an account with the platform, after which GeopJr managed to get inside of the new account and change a bunch of information, including the test account’s username, email, and profile picture. The researcher also was able to “reply to and delete help centre tickets and reported posts,” essentially taking over all the basic administrative responsibilities of the site. He told the Daily Dot that Unjected “appeared to have been set up hastily and that basic security protocols were ignored.”

After The Daily Dot reached out to Unjected about the security issues, the site appears to have fixed the issue with the administrator privileges, but the outlet notes that “numerous non-critical bugs remain.”

So, yeah, doesn’t sound like an overall great situation. But as harrowing as they are, allow me to diverge from the security issues for a minute and jump back to the site itself because, jeez, does it have some really bizarre stuff written on it. For one thing, the site openly compares itself to Craigslist (you might remember how that site’s dating page went down in flames not long ago), then goes on to fill in the details (emphasis and weird grammatical choices theirs):

Created by two mums in Hawaii, during the height of the vaccine rollout spring 2021; Unjected is a multi-faceted platform of health conscious, covid-19 unvaccinated humans who believe in medical freedom, freedom of choice, freedom of speech & bodily autonomy. After slander in the media, we have grown to an ever multiplying 110,000 members in 85 different countries around the world in pursuit of love, friendships, community, business connections, and even mRNA free blood directories & fertility directories to protect the integrity of the population.

Wow! Finally, the Craigslist-like dating experience you’ve been searching for and a way to donate your precious bodily fluids, all in one go. What a goddamn deal. For just $US11.11 ($15) a month, you can apparently subscribe to “premium” services, whatever those entail.

We could not find a way to reach out to Unjected. Their site does not have a press portal.

The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.