Popsugar’s Twinning app is a tool that matched your selfies with your celebrity look-alike. It was fun, trending and also leaked the same photos. The photos were easily downloadable if you knew where to look.
According to Popsugar, the app which was launched in February, compared selfies or photos uploaded with a database of celebrity photos to get you a match. The tool then gives you what it calls a “Twinning Percentage” for your top five celebrities that look like you. The matched photos could then be shared on social media platforms. If you didn’t like the match and kept the photos for yourself, Popsugar accidentally made them public.
So we're giving Popsugar a nice big facial recognition database? Is that what we're all doing now?
— Dave Lee (@DaveLeeBBC) December 31, 2018
I wanted so bad to try out this app to see if I really looked like Pharrell Williams as some of my colleagues have suggested. With privacy scandals rocking 2018, I was very cautious since most tech companies this year have mishandled a lot of user data and Popsugar was no different.
“I should’ve taken a better selfie if Popsugar was going to leak it anyway”
The photos were being uploaded to Amazon Web Services on an open storage bucket hosted on the cloud service. Techcrunch found out that when you opened that storage bucket URL, you could see a real-time stream of uploaded photos. They even uploaded dummy photos and if you scraped the filenames uploaded, you could find the same dummy photo uploaded.
But it’s just a selfie?
Most of you didn’t take part in the app knowing that the Twinning tool was secure but nevertheless you should still be cautious when sharing your information with such free tools. Once your information is out there, you don’t have control over how it’s going to be used or abused
Popsugar has since closed the photo leak and their VP of engineering, Mike Patnode said that they hadn’t correctly set up the bucket permissions. Even after this fix, the photos are still available on Google image search.
This privacy breach is another wake-up call and as we are all writing up our New Year Resolutions, it’s imperative that you also include the need to be cautious over what you share online going by what 2018 privacy scandals have taught us over mishandling of user data.
My procrastination to join this trend won the day but as 2019 begins, companies that hold our data need to do better, seriously.