In fact, it really is very easy that I’m uncertain it could be called hacking. It generally does not have even to be performed deliberately – only one little click that is oblivious and abruptly somebody else is logged in less than your username.
It works such as this: whenever OkCupid provides you with a message, any links included within the e-mail contain an unique identifier called a token. When you check the page, you’re immediately logged into the OKCupid account without the need to enter your password. The overriding point is making it as facile as it is possible to get into your bank account, but it addittionally causes it to be worringly possible for somebody else doing the same task.
A journalist in the Verge discovered the safety opening after finding a forwarded OkCupid e-mail from a buddy. After reading the funny message her buddy had received from the prospective suitor, she clicked regarding the message to start to see the suitor at issue.