For the second time in six months, a Grindr API security flaw has exposed location data of Grindr users. The latest security flaw involves a private Grindr API that fails to block third party access. Developers have exposed the flaw and are able to track the location of users to within 5 meters.
A pair of stories surfaced this week that serve as important reminders of how complicated, nuanced, and difficult API security really is. Even the biggest companies with the deepest pockets can't possibly be perfect when it comes to the security of their various API offerings and solutions.