A gay dating app Jack'd will have to pay $240,000 to its users after they exposed private intimate photos on the internet for at least a year.
The parent company, Online Buddies, fixed the problem after one year they were informed by a cyber-security researcher Oliver Hough.
The researcher informed the company about the flaw in February 2018, but the firm paid heed to the problem only in February 2019.
The popular dating app had uploaded the private photos to an Amazon Web Services storage bucket, which could be easily accessed by anyone.
New York Attorney General Letitia James said the app breached the trust as well as invaded into users' privacy.
Ms. James said: "The app put users' sensitive information and private photos at risk of exposure and the company didn't do anything about it for a full year just so that they could continue to make a profit."
The firm has promised to implement a "comprehensive security program" so incidence like this are avoided and protection of its users' privacy is ensured.