A threat actor is claiming to be selling data allegedly stolen from dating app Grindr, raising concerns about the exposure of sensitive user information, including location details and password-related data. The dataset recently appeared on a cybercrime forum, where the seller posted sample records in an attempt to prove the authenticity of the offering.
According to Cybernews researchers who reviewed the listing, the threat actor shared 18 sample records allegedly linked to Grindr users. The exposed information reportedly includes full names, dates of birth, geolocation data, device information, and password hashes. Some of the sample records contained timestamps from May 2026, suggesting the data may be recent.
The seller claims to possess a much larger dataset, although the total number of affected users has not been disclosed. At this stage, there is no independent confirmation that the records originated from Grindr or that the alleged database was obtained through a direct compromise of the company’s systems.
Researchers noted that the password data included bcrypt and SHA256 hashes rather than plaintext passwords. While hashed passwords cannot be read directly, attackers can attempt to crack them using offline password-cracking tools. If successful, the recovered credentials could potentially be used in credential-stuffing attacks against other online services where victims reused the same passwords.
The alleged exposure of location information is particularly sensitive given the nature of the platform. Grindr is widely used by LGBTQ+ individuals, and precise location data could reveal personal details about users’ movements and whereabouts. Researchers warned that such information could increase privacy and safety risks if the data proves authentic.
Cybernews researchers said the sample records appear to contain a combination of personal and technical information. In addition to names and dates of birth, the records allegedly include device identifiers and other metadata that could help attackers build detailed profiles of affected individuals.
The appearance of the data follows a series of recent claims involving dating platforms. Earlier this week, threat actors also advertised alleged datasets linked to other dating services, though the authenticity and origins of many such claims remain under investigation.
Grindr has not publicly confirmed a breach related to the dataset advertised on the cybercrime forum. Until further verification is available, the claims should be treated cautiously. However, security researchers recommend that users ensure they are using unique passwords for their accounts and enable additional security protections where available in case the exposed data is later confirmed to be genuine.