Google Play Store Apps Leak Data. Millions At Risk
Millions have been placed in a compromising position after it was found 14 top Android apps that have been downloaded at least 142.5million times from the Google Play Store have been leaking sensitive user data, such as emails, usernames and the owner’s real name.
The apps in question were made on the Google-owned platform Firebase, which can be used to hold financial records.
The problem is these can be managed by developers with no security training. If something isn’t configured correctly serious issues may later occur.
Analysis by CyberNews found this is what’s happened. These misconfigurations mean anyone with knowledge of the correct URL can access real-time databases containing user info without authentication.
A CyberNews researcher says, “This indicates the app is leaking not only user data, but also their private messages to anyone to access and do with as they please.”
The research only listed apps which have now rectified the situation, including Universal TV Remote Control, which had been installed on more than 100million Android devices.
Android users must now wait for developers to take action as this is a technical problem that can only be fixed with a patch.