Yearly Archives: 2020

News: Controversial former Uber exec Emil Michael has registered plans for a $250 million SPAC

SPACs, or special purpose acquisition companies, are all the rage right now, and people are emerging from all corners to raise them.

Among the latest entrants — and someone who might be of interest to Silicon Valley watchers — is Emil Michael, a former Uber executive and top lieutenant to former CEO Travis Kalanick. Earlier today, Michael registered plans with the SEC to raise $250 million in an IPO for a blank-check company that will broadly acquire a company in the tech sector.

IPO Edge had reported earlier today that the SPAC might be in the works.

The filing lists as special advisors Alphabet’s former executive chairman Eric Schmidt, and Betsy Atkins, a founder of Ascend Communications and investor who has served on so many boards that last year she wrote a book about it. Indeed, among her other roles currently, she’s on the boards of Volvo, Wynn Resorts, and Oyo Hotels.

Michael was a senior vice president of field operations at Tellme Networks, then later served as COO of the startup Klout before landing at Uber, where he was a senior vice president for business for nearly four years.

He gained prominence in the role, but also some disrepute after he publicly made comments about hiring opposition researchers to quiet journalists critical of the company and following a later report that he had attended an “escort bar” in Seoul with other Uber executives, including Kalanick. Indeed, when he left the company in 2017, Uber declined to say if he left of his own accord.

Despite — or perhaps even because of — his trajectory at Uber, Michael was reportedly vetted at one point for the position of Secretary of Transportation after Donald Trump was elected president. Now, he apparently sees a way to jump back into tech by using a SPAC to take public a still privately held company.

Certainly, it’s happening with a small but growing number of tech companies, including electric vehicle makers, such as the troubled Nikola, and the electric-truck maker Hyliion, which revealed plans in August to go public through a reverse merger into a SPAC. (Nikola is already publicly traded; Hyliion’s deal is expected to close in the fourth quarter.)

But many other sectors of the economy are seemingly up for grabs. Just yesterday, Hims, a direct-to-consumer company that sells health products and services targeted at young men and women, revealed that it will go public by merging with a SPAC sponsored by Oaktree Capital Management.

Last month, Opendoor, a home buying and selling platform, separately agreed to go public via a reverse merger with Social Capital Hedosophia Holdings Corp II, one of numerous SPACs that have been successfully raised by investor Chamath Palihapitiya.

And in late August, Desktop Metal, a Burlington, Ma.-based maker of 3D metal printing systems, agreed to go public via a reverse merger with a SPAC formed last year by veteran telecom investor Leo Hindery called Trine Acquisition Corp.

Michael has a bit more M&A experience than some who are beginning to take an interest in SPACs. For example, he was involved in selling Uber’s China business in 2016 to rival Didi Chuxing in exchange for a stake in the company.

According to Kristi Marvin, a former investment banker who now runs the data site SPACInsider, she’s having and hearing about conversations with a much wider circle of people interested in launching SPACs than in past years — and not all of them are necessarily equipped to manage the vehicles.

“You ask, ‘Have you ever acquired a company for $500 million or more? Do you have operating experience in the vertical that you’re targeting? Do you understand the reporting requirements involved?’ Often the answers are no.”

News: Google research lets sign language switch ‘active speaker’ in video calls

An aspect of video calls that many of us take for granted is the way they can switch between feeds to highlight whoever’s speaking. Great — if speaking is how you communicate. Silent speech like sign language doesn’t trigger those algorithms, unfortunately, but this research from Google might change that.

It’s a real-time sign language detection engine that can tell when someone is signing (as opposed to just moving around) and when they’re done. Of course it’s trivial for humans to tell this sort of thing, but it’s harder for a video call system that’s used to just pushing pixels.

A new paper from Google researchers, presented (virtually, of course) at ECCV, shows how it can be done efficiently and with very little latency. It would defeat the point if the sign language detection worked but it resulted in delayed or degraded video, so their goal was to make sure the model was both lightweight and reliable.

The system first runs the video through a model called PoseNet, which estimates the positions of the body and limbs in each frame. This simplified visual information (essentially a stick figure) is sent to a model trained on pose data from video of people using German Sign Language, and it compares the live image to what it thinks signing looks like.

Image showing automatic detection of a person signing.

Image Credits: Google

This simple process already produces 80 percent accuracy in predicting whether a person is signing or not, and with some additional optimizing gets up to 91.5 percent accuracy. Considering how the “active speaker” detection on most calls is only so-so at telling whether a person is talking or coughing, those numbers are pretty respectable.

In order to work without adding some new “a person is signing” signal to existing calls, the system pulls a clever little trick. It uses a virtual audio source to generate a 20 kHz tone, which is outside the range of human hearing, but noticed by computer audio systems. This signal is generated whenever the person is signing, making the speech detection algorithms think that they are speaking out loud.

Right now it’s just a demo, which you can try here, but there doesn’t seem to be any reason why it couldn’t be built right into existing video call systems or even as an app that piggybacks on them. You can read the full paper here.

News: The next big tech hearing is scheduled for October 28

A day after the Senate Commerce Committee moved forward with plans to subpoena the CEOs of Twitter, Facebook and Google, it looks like some of the most powerful leaders in tech will testify willingly.

Twitter announced late Friday that Jack Dorsey would appear virtually before the committee on October 28, just days before the U.S. election. While Twitter is the only company that’s openly agreed to the hearing so far, Politico reports that Sundar Pichai and Mark Zuckerberg also plan to appear.

We’ve made our views clear on reactionary and politicized attempts to erode #Section230. They threaten the future of online speech and Internet freedoms.

Reasoned and productive debate is essential. https://t.co/LlxCiFVBLX

— Twitter Public Policy (@Policy) October 2, 2020

Members of both parties on the committee planned to use the hearings to examine Section 230, the key legal shield that protects online platforms from liability from the content their users create.

As we’ve discussed previously, the political parties are approaching Section 230 from very different perspectives. Democrats see threatening changes to Section 230 as a way to force platforms to take toxic content like misinformation and harassment more seriously.

Many Republicans believe tech companies should be stripped of Section 230 protections because platforms have an anti-conservative bias — a claim that the facts don’t bear out.

Twitter had some choice words about that perspective, calling claims of political bias an “unsubstantiated allegation that we have refuted on many occasions to Congress” and noting that those accusations have been “widely disproven” by researchers.

“We do not enforce our policies on the basis of political ideology,” the company added.

It sounds like the company and members of the Senate have very different agendas. Twitter indicated that it plans to use the hearing’s timing to steer the conversation toward the election. Politico also reports that the scope of the hearing will be broadened to include “data privacy and media consolidation” — not just Section 230.

A spokesperson tweeting on the company’s public policy account insisted that the hearing “must be constructive,” addressing how tech companies can protect the integrity of the vote.

“At this critical time, we’re committed to keeping our focus squarely on what matters the most to our company: joint efforts to protect our shared democratic conversation from harm — from both foreign and domestic threats,” a Twitter spokesperson wrote.

Regardless of the approach, dismantling Section 230 could prove potentially catastrophic for the way the internet as we know it works, so the stakes are high, both for tech companies and for regular internet users.

News: Twitter will make users remove tweets hoping Trump dies of COVID-19

President Donald Trump’s positive COVID-19 result has made Twitter a busy place in the past 24 hours, including some tweets that have publicly wished — some subtly and others more directly — that he die from the disease caused by coronavirus.

Twitter put out a reminder to folks that it doesn’t allow tweets that wish or hope for death or serious bodily harm or fatal disease against anyone. Tweets that violate this policy will need to be removed, Twitter said Friday. However, it also clarified that this does not automatically mean suspension. Several news outlets misreported that users would be suspended automatically. Of course, that doesn’t mean users won’t be suspended.

Motherboard reported that users would be suspended, citing a statement from Twitter. That runs slightly counter to Twitter’s public statement on its own platform.

tweets that wish or hope for death, serious bodily harm or fatal disease against *anyone* are not allowed and will need to be removed. this does not automatically mean suspension. https://t.co/lQ8wWGL2y0 https://t.co/P2vGfUeUQf

— Twitter Comms (@TwitterComms) October 2, 2020

On Thursday evening, Trump tweeted that he and his wife and First Lady Melania Trump had tested positive for COVID-19. White House physician Sean Conley issued a memo Friday confirming the positive results of SARS-CoV-2 virus, which is more commonly known as COVID-19. Trump was seen boarding a helicopter Friday evening that was bound for Walter Reed Medical Center for several days of treatment.

The diagnosis sent shares tumbling Friday on the key exchanges, including Nasdaq. The news put downward pressure on all major American indices, but heaviest on tech shares.

News: 2 Kindred Capital partners discuss the firm’s focus and equitable venture model

Kindred Capital, the London-based VC that backs early-stage founders in Europe and Israel, recently closed its second seed fund at £81 million.

Out of its first fund raised in 2018, the firm has backed 29 companies. They include Five, which is building software for autonomous vehicles; Paddle, SaaS for software e-commerce; Pollen, a peer-to-peer marketplace for experiences and travel; and Farewill, which lets users create a will online.

However, what sets Kindred apart from most other seed VCs is its “equitable venture” model that sees the founders it backs get carry in the fund, effectively becoming co-owners of Kindred. Once the VC’s LPs have their investment returned, along with the firm’s partners, the portfolio founders share any subsequent fund profits.

To learn more about Kindred’s investment focus going forward and how its equitable venture model works in practice, I caught up with partners Leila Rastegar Zegna and Chrys Chrysanthou. We also discussed closing deals remotely and how the VC approaches diversity and inclusion.

TechCrunch: Kindred Capital backs seed-stage startups across Europe and in Israel. Can you elaborate a bit more on the fund’s remit, such as sector or specific technologies, and what you look for in founders and startups at such an early stage?

Rastegar Zegna: As a fund, we are very focused on the founder(s), so everything starts there. We try to drill down and get to know them as people and leaders, first and foremost. Do they have what it takes to get the company off the ground, the resilience to get through the inevitable ups and downs of startup life and through the scaling years to make this a massive outcome for the team and the investors?

The second element we spend time thinking about is the market itself and how big the company can grow within the constraints of that market. We also think deeply about the timing of the business, especially if they are trying to create a new market, such as in quantum computing, for example.

Chrysanthou: It’s also worth mentioning that many investors talk about product-market fit, but we are also great believers in founder-market fit. In other words, a founder who might be successful in one market, might well fail in another, as different skills are required and even different personality types might be better suited. One way we assess this is to look for deep insights they have to the problem they’re trying to solve and how they think about their market.

After that, we are fairly sector-agnostic, which is why we have such a diverse portfolio, ranging from consumer products through to deep science.

How has the coronavirus pandemic and resulting lockdowns and social distancing affected the way you source and close deals?

Rastegar Zegna: Initially, we moved everything to video calls, like pretty much everyone else in the industry. Upon reflection, however, we realized that we were just using a new tool (e.g. Zoom) but in the old way — meaning, any meeting we used to have at Kindred HQ, we just transitioned onto Zoom. The interesting transition we’re going through now is to create a new way of working around the tool. That means for some meetings, Zoom will be the most effective medium of communication. For others it may be an audio call, and for a third category of discussion, a walking meeting in the park may be what’s called for. But the opportunity is to throw out the playbook written by inertia and generally accepted industry working norms, and create a first principles approach to the way in which we do business to optimize for the best outcome.

News: Daily Crunch: Twitter confronts image-cropping concerns

Twitter addresses questions of bias in its image-cropping algorithms, we take a look at Mario Kart Live and the stock market takes a hit after President Trump’s COVID-19 diagnosis. This is your Daily Crunch for October 2, 2020.

The big story: Twitter confronts image-cropping concerns

Last month, (white) PhD student Colin Madland highlighted potential algorithmic bias on Twitter and Zoom — in Twitter’s case, because its automatic image cropping seemed to consistently highlight Madland’s face over that of a Black colleague.

Today, Twitter said it has been looking into the issue: “While our analyses to date haven’t shown racial or gender bias, we recognize that the way we automatically crop photos means there is a potential for harm.”

Does that mean it will stop automatically cropping images? The company said it’s “exploring different options” and added, “We hope that giving people more choices for image cropping and previewing what they’ll look like in the tweet composer may help reduce the risk of harm.”

The tech giants

Nintendo’s new RC Mario Kart looks terrific — Mario Kart Live (with a real-world race car) makes for one hell of an impressive demo.

Tesla delivers 139,300 vehicles in Q3, beating expectations — Tesla’s numbers in the third quarter marked a 43% improvement from the same period last year.

Zynga completes its acquisition of hyper-casual game maker Rollic — CEO Frank Gibeau told me that this represents Zynga’s first move into the world of hyper-casual games.

Startups, funding and venture capital

Elon Musk says an update for SpaceX’s Starship spacecraft development program is coming in 3 weeks — Starship is a next-generation, fully reusable spacecraft that the company is developing with the aim of replacing all of its launch vehicles.

Paired picks up $1M funding and launches its relationship app for couples — Paired combines audio tips from experts with “fun daily questions and quizzes” that partners answer together.

With $2.7M in fresh funding, Sora hopes to bring virtual high school to the mainstream — Long before the coronavirus, Sora was toying with the idea of live, virtual high school.

Advice and analysis from Extra Crunch

Spain’s startup ecosystem: 9 investors on remote work, green shoots and 2020 trends — While main hubs Madrid and Barcelona bump heads politically, tech ecosystems in each city have been developing with local support.

Which neobanks will rise or fall? — Neobanks have led the $3.6 billion in venture capital funding for consumer fintech startups this year.

Asana’s strong direct listing lights alternative path to public market for SaaS startups — Despite rising cash burn and losses, Wall Street welcomed the productivity company.

Everything else

American stocks drop in wake of president’s COVID-19 diagnosis — The news is weighing heavily on all major American indices, but heaviest on tech shares.

Digital vote-by-mail applications in most states are inaccessible to people with disabilities — According to an audit by Deque, most states don’t actually have an accessible digital application.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 3pm Pacific, you can subscribe here.

News: Index Ventures’ Nina Achadjian and Sarah Cannon: ‘There’s basically an infinite bid’ for growth-stage startups

The venture world is swimming in capital these days, and the flood doesn’t appear to be abating.

That’s changing the game for venture capitalists and their firms, which transformed from solo practitioners focused on one stage and a single geographical area to covering all startups in all geos in all industries in just a handful of years.

One firm that has navigated those changes for decades is Index Ventures, one of the first funds to launch in Europe that has evolved into a multi-stage firm in recent years. The firm last raised a total of $2 billion this past April to continue doubling down on all the deals springing up across the world.

This week on Extra Crunch Live, I interviewed Nina Achadjian and Sarah Cannon, two SF-based partners at Index, to discuss what they are seeing in the market, how VC fundraises have changed and continue to change and how they are adapting to the rise of rolling funds and other new seed vehicles. This was the first time that the two came together for a panel, and our conversation was a real blast.

Here’s an edited and condensed version of the conversation, with highlights of the best insights from the panel.

“It’s not easy to just sit on the sidelines and wait till things sort themselves out.”

TechCrunch: September is traditionally a time for fundraises to kick off for the fall, but in this COVID-19 world, everything is different. Who is fundraising right now and what do you see going on?

Nina Achadjian: Well, there are two things. One, there was an incredible pull from the market for technology tools. So many businesses that had put off buying technology or investing in technology really all of a sudden found themselves in a digitally-first world or a digital-only world and therefore, there was a massive pull for technology products. It’s the reason why companies like Shopify and others in the public markets have had just amazing, record quarters.

The second thing is, in venture when we raise these funds, we have a certain time period to deploy them, usually anywhere from two years to five years. So for us as investors, it’s not easy to just sit on the sidelines and wait till things sort themselves out.

So actually, a lot of venture investors have piggybacked off of this incredible pull from the market side and have been investing, I would say, at the same pace, or even a faster pace than we were before.

“There’s basically an infinite bid for these companies.”

Are those paces the same for all stages?

News: Twitter is building ‘Birdwatch,’ a system to fight misinformation by adding more context to tweets

Twitter is developing a new product called “Birdwatch,” which the company confirms is an attempt at addressing misinformation across its platform by providing more context for tweets, in the form of notes. Tweets can be added to “Birdwatch” — meaning flagged for moderation — from the tweet’s drop-down menu, where other blocking and reporting tools are found today. A small binoculars icon will also appear on tweets published to the Twitter Timeline. When the button is clicked, users are directed to a screen where they can view the tweet’s history of notes.

Based on screenshots of Birdwatch unearthed through reverse engineering techniques, a new tab called “Birdwatch Notes” will be added to Twitter’s sidebar navigation, alongside other existing features like Lists, Topics, Bookmarks and Moments.

This section will allow you to keep track of your own contributions, aka your “Birdwatch Notes.”

The feature was first uncovered this summer in early stages of development by reverse engineer Jane Manchun Wong, who found the system through Twitter’s website. At the time, Birdwatch didn’t have a name, but it clearly showed an interface for flagging tweets, voting on whether or not the tweet was misleading, and adding a note with further explanations.

Twitter is working on a moderation tool to monitor misinformations on Twitter

Moderators can flag tweets, vote on whether it is misleading, and add a note about it

(I made up my own note to show what it currently looks like) pic.twitter.com/YIa6zt58Fj

— Jane Manchun Wong (@wongmjane) August 5, 2020

Twitter updated its web app a few days after her discovery, limiting further investigation.

This week, however, a very similar interface was again discovered in Twitter’s code, this time on iOS.

According to social media consultant Matt Navarra, who tweeted several more screenshots of the feature on mobile, Birdwatch allows users to attach notes to a tweet. These notes can be viewed when clicking on the binoculars button on the tweet itself.

In other words, additional context about the statements made in the tweet would be open to the public.

New Twitter feature?

‘Birdwatch’?! 🐦

Any guesses what it does? pic.twitter.com/1vmpZdTKLi

— Matt Navarra (@MattNavarra) September 30, 2020

What’s less clear is whether everyone on Twitter will be given access to annotate tweets with additional context, or whether this permission will require approval, or only be open to select users or fact checkers.

Twitter early adopter and hashtag inventor Chris Messina openly wondered if Birdwatch could be some sort of “citizen’s watch” system for policing disinformation on Twitter. It turns out, he was right.

Wondering out loud if Twitter’s #Birdwatch feature might turn into a kind of “citizen’s watch” for disinformation on Twitter… 👀https://t.co/N1YlVkbu8m

— Chris Messina (@chrismessina) October 1, 2020

According to line items he found within Twitter’s code, these annotations — the “Birdwatch Notes” — are referred to as “contributions,” which does seem to imply a crowdsourced system. (After all, a user would contribute to a shared system, not to a note they were writing for only themselves to see.)

Crowdsourcing moderation wouldn’t be new to Twitter. For several years, Twitter’s live-streaming app Periscope has relied on crowdsourcing techniques to moderate comments on its real-time streams in order to clamp down on abuse.

There is still much we don’t know about how Birdwatch will work from a non-technical perspective, however. We don’t know if everyone will have the same abilities to annotate tweets, how attempts to troll this system will be handled, or what would happen to a tweet if it got too many negative dings, for example.

In more recent months, Twitter has tried to take a harder stance on tweets that contain misleading, false or incendiary statements. It has even gone so far as to apply fact-check labels to some of Trump’s tweets and has hidden others behind a notice warning users that the tweet has violated Twitter’s rules. But scaling moderation across all of Twitter is a task the company has not been well-prepared for, as it built for scale first, then tried to figure out policies and procedures around harmful content after the fact.

Reached for comment, Twitter declined to offer details regarding its plans for Birdwatch, but did confirm the feature was designed to combat the spread of misinformation.

“We’re exploring a number of ways to address misinformation and provide more context for tweets on Twitter,” a Twitter spokesperson told TechCrunch. “Misinformation is a critical issue and we will be testing many different ways to address it,” they added.

 

News: Google wakes up from its VR daydream

Daydream, Google’s mobile-focused virtual reality platform, is losing official support from Google, Android Police reports. The company confirmed that it will no longer be updating the Daydream software, with the publication noting that “Daydream may not even work on Android 11” as a result of this.

This isn’t surprising to anyone who has been tracking the company’s moves in the space. After aggressive product rollouts in 2016 and 2017, Google quickly abandoned its VR efforts which, much like the Samsung Gear VR, allowed users to drop a compatible phone into a headset holster and use the phone’s display and compute to power VR experiences. After Apple’s announcement of ARKit, the company did a hard pivot away from VR, turning its specialty AR platform Tango into ARCore, an AR developer platform that has also not seen very much attention from Google in recent months.

Google bowing out of official support for Daydream comes after years without product updates to its own View headset and very little investment in its content ecosystem, which wrecked the chances of Lenovo’s third-party effort, the standalone Mirage Solo.

What went wrong? Once it became clear that Daydream wasn’t going to be an easy win, Google kind of just abandoned the effort. Google’s hardware business is already peanuts next to its search and ads business, so it probably wasn’t clear what the point was, but virtual reality also quickly went from being the “it” technology to work on to clearly being a labor of love for a select few. Google determined it wasn’t worth the effort while Facebook continued to double down. It’s hard to fault them for it: in 2020, even with some very good hardware on the way from Oculus, it still isn’t clear what VR’s future looks like.

It is clear, however, that Daydream won’t be part of it.

News: A security flaw in Grindr let anyone easily hijack user accounts

Grindr, one of the world’s largest dating and social networking apps for gay, bi, trans, and queer people, has fixed a security vulnerability that allowed anyone to hijack and take control of any user’s account using only their email address.

Wassime Bouimadaghene, a French security researcher, found the vulnerability and reported the issue to Grindr. When he didn’t hear back, Bouimadaghene shared details of the vulnerability with security expert Troy Hunt to help.

The vulnerability was fixed a short time later.

Hunt tested and confirmed the vulnerability with help from a test account set up by Scott Helme, and shared his findings with TechCrunch.

Bouimadaghene found the vulnerability in how the app handles account password resets.

To reset a password, Grindr sends the user an email with a clickable link containing an account password reset token. Once clicked, the user can change their password and is allowed back into their account.

But Bouimadaghene found that Grindr’s password reset page was leaking password reset tokens to the browser. That meant anyone who knew a user’s registered email address could trigger a password reset and collect the reset token from the browser, if they knew where to look.

Secret tokens used to reset Grindr account passwords, which are only supposed to be sent to a user’s inbox, were leaking to the browser. (Image: Troy Hunt/supplied)

The clickable link that Grindr generates for a password reset is formatted the same way, meaning a malicious user could easily craft their own clickable password reset link — the same link that was sent to the user’s inbox — using the leaked password reset token from the browser.

With that crafted link, the malicious user can reset the account owner’s password and gain access to their account and the personal data stored within, including account photos, messages, sexual orientation and HIV status and last test date.

“This is one of the most basic account takeover techniques I’ve seen,” Hunt wrote.

With a leaked password reset token, an attacker could reset a user’s password, hijack their account and access their private data. (Image: Troy Hunt/supplied)
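
The flaw class described above, sketched as an added example (this is not Grindr's code and is not taken from Hunt's findings): a reset handler whose browser-facing response carries the token, next to the hardened form, plus a regression check that compares the response with what was mailed. The class name, the `resetToken` field, the `app.example.test` link and the 15-minute lifetime are all assumptions.

```python
import hashlib
import json
import secrets
import time

TOKEN_TTL_SECONDS = 900  # assumed lifetime; the article gives no figure
GENERIC_STATUS = "If that address is registered, a reset link has been sent."


def _digest(token):
    # Only a hash of the token is stored, so a database read cannot replay it.
    return hashlib.sha256(token.encode()).hexdigest()


class ResetService:
    """In-memory stand-in for a password reset backend (hypothetical)."""

    def __init__(self, leak_token_in_response=False, clock=time.time):
        self.leak_token_in_response = leak_token_in_response
        self.clock = clock
        self.users = {"alice@example.test": "old-password"}  # constructed account
        self.pending = {}  # sha256(token) -> (email, expiry timestamp)
        self.outbox = []   # (recipient, link): stands in for the mail channel

    def request_reset(self, email):
        """Handle a reset request and return the body sent to the browser."""
        body = {"status": GENERIC_STATUS}
        if email in self.users:
            token = secrets.token_urlsafe(32)
            # A new request replaces any earlier token for the same account.
            self.pending = {d: v for d, v in self.pending.items()
                            if v[0] != email}
            expires_at = self.clock() + TOKEN_TTL_SECONDS
            self.pending[_digest(token)] = (email, expires_at)
            link = "https://app.example.test/reset?token=" + token
            self.outbox.append((email, link))
            if self.leak_token_in_response:
                # The flaw: a secret meant only for the inbox is also handed
                # to whoever made the request.
                body["resetToken"] = token  # hypothetical field name
        # Hardened form: the body is identical for known and unknown
        # addresses and never contains the token.
        return json.dumps(body, sort_keys=True)

    def complete_reset(self, token, new_password):
        """Redeem a token once; expired or unknown tokens are rejected."""
        entry = self.pending.pop(_digest(token), None)
        if entry is None:
            return False
        email, expires_at = entry
        if self.clock() > expires_at:
            return False
        self.users[email] = new_password
        return True


def mailed_token(service, email):
    """Token from the most recent mail to `email`, or None (test helper)."""
    links = [link for to, link in service.outbox if to == email]
    return links[-1].split("token=", 1)[1] if links else None


def response_leaks_token(service, email):
    """Regression check: does the browser-facing body contain the token?"""
    body = service.request_reset(email)
    token = mailed_token(service, email)
    return token is not None and token in body


if __name__ == "__main__":
    for leak in (True, False):
        svc = ResetService(leak_token_in_response=leak)
        leaked = response_leaks_token(svc, "alice@example.test")
        print("leak_token_in_response=%s -> token in response: %s" % (leak, leaked))
```

Run against a staging environment with a test mailbox, the same comparison (token from the mail versus every response body and header of the reset flow) works as an automated release check.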

In a statement, Grindr’s chief operating officer Rick Marini told TechCrunch: “We are grateful for the researcher who identified a vulnerability. The reported issue has been fixed. Thankfully, we believe we addressed the issue before it was exploited by any malicious parties.”

“As part of our commitment to improving the safety and security of our service, we are partnering with a leading security firm to simplify and improve the ability for security researchers to report issues such as these. In addition, we will soon announce a new bug bounty program to provide additional incentives for researchers to assist us in keeping our service secure going forward,” the company said.

Grindr has about 27 million users, with about 3 million using the app every day. Grindr was sold earlier this year by its former Chinese owner, Beijing Kunlun, to a Los Angeles-based company said to be led largely by Americans, following accusations that the company’s Chinese ownership constituted a national security threat.

Last year, it was reported that while under Chinese ownership, Grindr allowed engineers in Beijing access to the personal data of millions of U.S. users, including their private messages and HIV status.

