May 21, 2021
After examining 23 Android applications, Check Point Research (CPR) noticed mobile app developers potentially exposed the personal data of over 100-million users through a variety of misconfigurations of third party cloud services.
The research was carried out by a team at CPR that included Aviad Danin, R&D team leader, Aviran Hazum, analysis and response team leader, Bogdan Melnykov, reverse engineer, Dana Tsymberg, cybersecurity analyst, and Israel Wernik, cybersecurity researcher, who published a blog with the findings after first alerting Google and the app developers.
Personal data included emails, chat messages, location, passwords and photos, which, in the hands of malicious actors could lead to fraud, identity-theft and service swipes.
23 Android Apps Expose Over 100,000,000 Users Personal Data
Misconfigurations in multiple Android apps leaked sensitive data of more than 100 million users, potentially making them a lucrative target for malicious actors. By not following best-practices when configuring and integrating third-party cloud-services into applications, millions of users private data was exposed, Check Point researchers said in an analysis published today and shared with The Hacker News. In some cases, this type of misuse only affects the users, however, the developers were also left vulnerable. The misconfigurations put users personal data and developer s internal resources, such as access to update mechanisms, storage, and more at risk.
If Any Of These Apps Are On Your Phone, Stop Using Them Now forbes.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from forbes.com Daily Mail and Mail on Sunday newspapers.