Last Updated:
Nisarga alleged that he gained access to sensitive infrastructure secrets, AWS keys and even users’ private chat media on a popular India-based dating app.

‘Private Chat Images Exposed’: After CBSE Row, Nisarga Claims He Got Full Access To Indian Dating App’s Sensitive Data
Nisarga, the same cybersecurity researcher who previously went viral online for exposing alleged loopholes in major systems, including CBSE’s online checking during board exams, is back in the spotlight and this time, his claims involve a multi-million-dollar Indian dating app.
In a viral post on X, Nisarga alleged that he managed to gain access to the app’s S3 buckets, users’ media files, sensitive infrastructure information and even private keys.
“There’s an India-based dating app with a multi-million-dollar valuation. I gained full access to its S3 buckets, every user’s media (including private chat images), signing keys, private keys and other sensitive infrastructure secrets/information,” he wrote.
The post should trigger an alarm online, especially after Nisarga claimed that another researcher, @0x1622, had reportedly informed the company about one of the vulnerabilities nearly two years ago but the issue was allegedly ignored.
According to Nisarga, “the AWS keys were not even rotated.” He further claimed that although CERT-In acknowledged his security report and provided him a reference number, the founders of the dating app allegedly never responded to his emails.
Internet Reacts
Nisarga has been regularly sharing his cybersecurity initiatives on social media in what seems to be a bid to educate the public about privacy rights.
And this information was received with the same enthusiasm as expected of the internet. “Congrats on discovering the app’s love letters, now can you swipe right on fixing the security,” one user joked.
There’s an India-based dating app with a multi-million-dollar valuation. I gained full access to its S3 buckets, every user’s media (including private chat images), signing keys, private keys and other sensitive infrastructure secrets/information. pic.twitter.com/KwtnyvWTGW— nisarga (@ni5arga) July 1, 2026
Another wrote, “Wow, you just turned a dating app into a reality show, and not the cute kind. Guess the only swipe left now is from the cops.”
Some reactions were pure internet chaos. “You should have matched yourself first 😂😂,” quipped one user, while another simply reacted with: “private chat images!!?”
The viral post has once again sparked debate around cybersecurity practices at Indian startups, especially apps handling highly personal user data.
About the Author
A team of writers at News18.com bring you stories on what’s creating the buzz on the Internet while exploring science, cricket, tech, gender, Bollywood, and culture.
Read More
