Just a Handful of Android Apps Exposed Data of More than 100 Million Users

Almost half a decade after the first reports were published, mobile app developers are still exposing their users' personal information through abhorrently simple misconfigurations. From a report: In a report published last week, security firm Check Point said it found 23 Android applications that exposed the personal data of more than 100 million users through a variety of misconfigurations of third-party cloud services. This included developers who forgot to password-protect their backend databases and developers who left access tokens/keys inside their mobile application's source code for services such as cloud storage or push notifications. The Check Point team said it was able to use the information they found through a routine examination of 23 random applications and access the backend databases of 13 apps. In the exposed databases, researchers said they found information such as email addresses, passwords, private chats, location coordinates, user identifiers, screen recordings, social media credentials, and personal images.

Read more of this story at Slashdot.