App meant to help people quit porn reportedly exposed the intimate habits of over 600,000 users

Published: 12 March 2026
Last updated: 16 March 2026
white spread legs in the dark blue night sky, warm lit sculpture
Statue at the sex-themed sculpture park 'Love Land' in South Korea. Chung Sung-Jun/Getty

Quittr, a popular app designed to help people with a sex addiction, has leaked intimate data on hundreds of thousands of its users.

Key takeaways:
  • Quittr exposed highly sensitive details: masturbation habits, porn viewing history, emotional struggles, including data on 100,000 minors.
  • Quittr's co-founder dismissed concerns, told 404 Media to "have a good day," and ghosted them for a week.
  • A women's dating app suffered a similar leak last year as misconfigured Google Firebase databases are becoming a dangerous pattern.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.

According to 404 Media, which was tipped by an independent researcher, a misconfiguration in Google Firebase, an app development platform, is the root cause of a leak of highly sensitive information from its users, including their age, masturbation habits, emotional struggles, and the kinds of pornography they were watching.

According to the researcher, the issue allowed anyone who could authenticate as a user to potentially access the backend database, where user information for more than 600,000 users at the time was stored, of which 100,000 were identified as minors.

ADVERTISEMENT

The researcher told the tech website that he contacted Alex Slater, Co-Founder of Quittr, on September 10th, 2025, to inform him about the vulnerability. Slater promised the analyst that he would fix the vulnerability “in the next hour.”

However, Slater and his business partner Connor McLaren didn’t fix the issue for months. In January 2026, four months after the researcher first reported the issue, he contacted Slater again, asking him why the vulnerability hadn’t been fixed.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

But according to Slater, there was no reason for concern because no sensitive user data was exposed. When 404 Media got in touch with the Co-Founder, he wished the editor “a good day” and hung up.

404 Media tried to contact Slater for a week to report that the app was still vulnerable, but never heard back from Quittr’s Co-Founder. Despite the sensitive nature of the user data, the news outlet decided to publish the story in January, without mentioning the app.

The Cybernews community is talking about this. Be a part of the conversation.

The vulnerability has recently been fixed. That’s why 404 Media decided to publicly name the app in a new article.

ADVERTISEMENT

Tea, a women-centric dating app, also had to deal with an exposed database hosted on Google Firebase last year. In August, 2025, the app's owners sent a data breach notification letter to affected users, stating that only 0.1% of users had been impacted.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Meta has quietly shipped the technology needed for facial recognition glasses
Hackers getting an easy ride: misconfigured cloud settings behind growing number of data breaches
Anthropic claims AI is too fast and needs to hit the brakes: let’s take it with a pinch of salt
US lawmakers push new bill on AI safety, state law limits, worker protections
Pewdiepie declares war on big tech following the release of his free and local AI workspace
California tech CEO busted for selling forbidden US technology to Iran’s nuclear agency
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked