-
A threat actor claims to be selling an alleged database of Grindr packed with 15 million+ user credentials on a cybercrime forum.
-
The advertised dataset reportedly includes personal details, account information, profile data, and location-related records.
-
Neither Grindr nor independent researchers have verified the authenticity of the alleged database or the source of the claimed breach.
A threat actor has reportedly listed an alleged database belonging to Grindr, one of the world’s largest dating and social networking platforms for the LGBTQ+ community, for sale on a cybercrime forum.
Daily Dark Web Intelligence first highlighted the listing on X, where it reported that the seller claimed to possess a complete Grindr user database containing more than 15 million records. The claim immediately drew attention because of the highly sensitive nature of the information allegedly included in the dataset.
However, no independent verification has confirmed that the database is genuine or that the information originated from Grindr’s systems.
The forum listing shows the seller offering the alleged database for approximately $400. The threat actor reportedly accepts several cryptocurrencies, including Litecoin (LTC), Ethereum (ETH), USDC, and USDT. The seller also directs potential buyers to Telegram and claims to provide sample records upon request.
Alleged Database Contains Extensive User Information
According to details shared in the advertisement, the dataset allegedly contains a wide range of account, profile, and activity-related information.
The seller claims the records include user IDs, UUIDs, email addresses, usernames, display names, first and last names, password hashes, authentication identifiers, and email verification details.
The listing also references profile-related information such as gender, sexual orientation, birth dates, relationship preferences, profile biographies, ethnicity-related attributes, body type details, height, weight, and profile images.
Location-related records have generated particular concern among cybersecurity observers. According to the seller, the database contains city and country information, latitude and longitude coordinates, distance settings, and location visibility preferences.
If authentic, these records could potentially reveal information about user locations and movement patterns.
Sensitive corporate assets are also being sold on dark web markets. Hackers are selling alleged Target source code, highlighting the diverse types of stolen data available to criminals.
The advertisement further claims the dataset includes account activity details such as registration dates, last active timestamps, device information, user-agent records, language preferences, timezone settings, sign-up IP data, premium subscription status, profile completion statistics, interaction records, favorites, blocks, and moderation-related information.
The seller also alleges that the database contains enforcement-related records, including suspension dates, shadowban indicators, ban explanations, deactivation timestamps, and account deletion information.
Privacy Risks Raise Serious Concerns
Cybersecurity professionals have long regarded dating platform data as one of the most sensitive categories of personal information because users often share intimate details about their identities, preferences, relationships, and daily lives.
If the advertised dataset proves genuine, attackers could potentially combine email addresses, profile details, location information, and sexual orientation-related data to launch highly targeted attacks against affected individuals.
Unlike many traditional breaches that expose only names and contact information, dating platform records can reveal deeply personal details that criminals may exploit for phishing campaigns, identity theft, extortion schemes, or social engineering operations.
Security experts have expressed additional concern about the alleged presence of geolocation-related information. When attackers combine location data with personal profile details, they could potentially use the information for stalking, harassment, doxxing, or other forms of targeted abuse.
Authenticity of the Claims Remains Unconfirmed
Despite the attention surrounding the listing, no public evidence currently confirms that the advertised database is authentic.
Cybercrime forums frequently host listings that contain recycled information, previously leaked records, scraped data, exaggerated claims, or entirely fabricated datasets designed to attract buyers.
The threat actor has not publicly provided sufficient evidence to verify the origin of the records or demonstrate that the information came directly from Grindr. It also remains unclear whether the dataset, if real, contains newly obtained information, older leaked records, scraped content, or a combination of multiple sources.
Daily Dark Web Intelligence noted that it has not independently verified either the alleged breach or the data being offered for sale.
For now, the validity of the dataset, the claimed total of more than 15 million records, and the source of the alleged compromise remain unverified. If future investigations confirm the claims, the incident could rank among the most sensitive reported data exposure cases in recent months because of the combination of identity information, profile details, account activity records, and location-related data allegedly involved.
