Security alert: Apps with 142.5M downloads caught leaking user details
There are thousands of apps available for Android devices, but not all are secure as they could be. Every time you download a new application, there is a slight possibility that it can put your data at risk. Tap or click here to see how 100 million users’ data got exposed through various misconfigurations.
And it’s not just unknown developers that leave something unpatched or vulnerable. There have been several instances where experienced companies put their users at risk. Whether through negligence or ignorance.
Now, a handful of apps have been caught leaking users’ information. Making matters worse is the popularity of the apps in question. They have been downloaded more than 142 million times.
Here’s the backstory
The CyberNews security team looked at the top Android apps on the Google Play Store and analyzed them for security flaws. What the team found were 14 apps that had been misconfigured through the Firebase platform.
The platform is owned by Google and is used to create mobile and web applications. It is the most used development tool for Android apps. It makes up the backbone of many apps, so if something isn’t configured the way it should be, it can lead to severe problems.
This is what the CyberNews team identified with 14 apps it analyzed. The platform for each app was configured in such a way that anybody with a bit of tech knowledge could access their real-time databases and all the user information stored. This was possible without any authentication.
The team alerted Google to the security issue and fixed the flaw for four of the apps immediately. NOTE: Google didn’t respond about the remaining apps, so the security researchers are withholding their names until they are safe.
The apps that have been fixed include:
- Universal TV Remote Control
- Remote for Roku: Codematics
- Hybrid Warrior: Dungeon of the Overlord
- Find My Kids: Child Cell Phone Location Tracker
What you can do about it
The flaw is a technical problem that can only be fixed with a patch by developers. Thus, there isn’t anything that you can do to fix the problem yourself.
Web app data leaked: 38M records exposed, including vaccination statuses
Do you know how many websites store your personal information? Think about all the accounts you have. Many of them store user information using third-party software and servers. And hackers remain a constant threat of stealing your data.
Prepare to be shocked: See everywhere Facebook has followed you around the web
It shouldn’t come as a surprise that social media giant Facebook knows a lot about you. Most people fill out their profile information as thoroughly as possible, allowing them to connect to more people.
Besides signing into different websites and services with your Facebook credentials, you could reasonably expect that it stops tracking you as soon as you leave the platform. After all, what business does it have knowing what you do? Another Facebook data breach? Tap or click here to find out if your account was exposed.
Has WhatsApp been sharing your data with Facebook for years?
Facebook is one of the worst tech companies when it comes to safeguarding its users’ privacy. It’s been known to share your personal information with advertisers to provide targeted ads and third-party companies like Cambridge Analytica.
Adult streaming website leaks 11 million emails and private chats
Keeping sensitive information secure is getting more difficult by the minute, especially during this pandemic. That’s because cybercriminals are constantly on the attack, adding high tech tools to their arsenal that help them spoof websites, create impressive phishing emails and hack into websites to steal data.