Your personal data is exposed to hackers — alarming report reveals mobile apps are not protecting your info

Your personal data is exposed to hackers — alarming study reveals mobile apps are not protecting your info

Hackers can easily access your mobile app information
(Image credit: Getty)

Equally you lot casually input sensitive information into a cryptocurrency app, a dating service, or a shopping platform, yous may assume the folks behind the mobile applications are doing their part to protect your data. Only according to a new Check Point Inquiry (CPR) investigation, you’d exist sorely mistaken.

CPR released a scathing report exposing mobile applications for leaving their users’ personal information unprotected and attainable to hackers. The most unnerving attribute of the investigation is that malicious actors just need one thing to pull off a data alienation: a browser.

  • All-time password managers of 2022
  • All-time laptops of 2022
  • All-time video-editing laptops of 2022

Dating apps, crypto platforms, health trackers and more: your data may not exist safety

During a three-month inquiry study, CPR investigators discovered that a whopping 2,113 mobile apps left their databases exposed and unprotected in the cloud. These apps ranged from x,000+ downloads to more 10 million downloads.

Some of the sensitive data CPR researchers spotted included cryptocurrency exchange data, healthcare token IDs, personal family photos, and more than. In i harrowing case, CPR uncovered 50,000 individual messages from a pop dating app.

“In this research, we show how easy it is to locate data sets and critical resources that are open on the cloud to anyone who can just get access to them past browsing,” said CPR’s Head of Threat Intelligence and Research Lotem Finkelsteen.

Popular:   iPhone SE (2022) vs iPhone SE (2020): How much of an upgrade is Apple’s budget smartphone?

Finkelsteen added that malicious actors tin access mobile apps’ exposed databases in a few simple steps that involve searching public-file repositories (e.yard. VirusTotal) for mobile apps that use cloud-storage services. “Everything we constitute is available to anyone. Ultimately, with this research, we evidence how easy it is for a data breach or exploitation to occur.”

At this time, CPR is not revealing the names of the mobile apps in question, but the following is a minor sample of the 2,000+ platforms that left its users exposed during the investigation period:

  • Section store application, one of the largest chains in South America
    (10 million+ downloads) —
    Exposed information:
    API gateway credentials and API key
  • Running tracker app
    (100,000+ downloads) —
    Exposed information:
    Users’ GPS coordinates and wellness parameters like heart rate
  • Dating app for people with disabilities
    (10,000+ downloads) —
    Exposed information:
    50,000 individual letters in the open up DB of a dating awarding
  • Logo design app
    (10 millon+ downloads) —
    Exposed data:
    130,000 usernames, emails and passwords
  • Social audio platform app for users to share and mind to podcasts
    (5 one thousand thousand+ downloads) —
    Exposed data:
    users’ bank details, location, phone numbers, conversation messages, buy history and more
  • Bookkeeping application
    (1 million+ downloads) —
    Exposed data:
    280,000 telephone numbers associated with at least eighty,000 company names, addresses, bank balances, cash balances, invoice counts and emails

This written report exposes a glaring security issue: mobile apps are too negligent with its users’ personal data. CPR too called out cloud-security developers, concluding that they must take steps to add ameliorate protections to their services.

Popular:   Move over Mac mini, this is the Mac Studio

Kimberly Gedeon

Kimberly Gedeon, holding a Chief’due south caste in International Journalism, launched her career as a journalist for MadameNoire’s business trounce in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, like shooting fish in a barrel-to-understand, entertaining stories for immature women of color. During her fourth dimension on the business concern beat, she discovered her passion for tech equally she dove into articles virtually tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After 8 years of freelancing, dabbling in a myriad of beats, she’s finally found a home at Laptop Mag that accepts her as the crypto-fond, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!