Home » Security News » Hookup App Headero Exposes Millions of Private Cha...

Hookup App Headero Exposes Millions of Private Chats and GPS Locations

Deepanker Verma June 13, 2025 Security

Add Techlomedia as a preferred source on Google.

A serious data leak has been discovered in Headero, a hookup app used mostly in queer and alternative dating communities. According to a new report by Cybernews, the app exposed over 4 million private records, including explicit messages, GPS locations, and even the STD status of users.

Cybernews researchers found the exposed data sitting in an unprotected MongoDB database. This included 352,081 user records, 3,032,001 private chats, and 1,096,904 group chat logs

The leaked information contained Names, email addresses, Social login IDs, JWT tokens, device tokens, Exact GPS coordinates, Profile photos, Sexual preferences, and STD status

This kind of data exposure is especially dangerous for people in vulnerable communities who rely on such apps for safe and private dating.

Read: Best Dating Apps in India

The leak happened due to a common but dangerous mistake: the app’s database was left open to the internet without proper authentication. While the developers claimed it was just a test server, Cybernews believes it may have been actual live user data.

Once notified, the developers quickly secured the exposed database. However, it is unclear whether any hackers or malicious actors accessed the data before it was locked down.

The Headero app is listed on the Google Play Store and is published by a U.S.-based company called ThotExperiment. The app allows users to create customized profiles, filter matches based on location, and send direct messages.

This is not the first time dating apps have leaked sensitive data. Cybernews has previously reported similar issues with other dating platforms, including apps used in BDSM, LGBTQ+, and sugar dating communities. In one case, nearly 1.5 million private images were left accessible to the public, including images from direct messages.

If you have used Headero, here are some steps to protect yourself. You should change your Headero password immediately and do not reuse passwords across platforms. If you were using the same password in any other platform, change the password there as well. Check app permissions and revoke tokens if needed. You should also avoid clicking on suspicious emails or messages. Watch out for fake profiles or unusual login activity.

Even though the database is now secured, the risk remains if bad actors accessed the data while it was exposed.

Read: How to stay safe while using online dating apps

Follow Techlomedia on Google News to stay updated.

Affiliate Disclosure:

This article may contain affiliate links. We may earn a commission on purchases made through these links at no extra cost to you.

About the Author: Deepanker Verma

Deepanker Verma is the Founder and Editor-in-Chief of TechloMedia. He holds Engineering degree in Computer Science and has over 15 years of experience in the technology sector. Deepanker bridges the gap between complex engineering and consumer electronics. He is also a a known Security Researcher acknowledged by global giants including Apple, Microsoft, and eBay. He uses his technical background to rigorously test gadgets, focusing on performance, security, and long-term value.