Friday, November 1, 2024
HomeData BreachOver 100 Million Personal Data Leaked Due to Misconfiguration From 23 Android...

Over 100 Million Personal Data Leaked Due to Misconfiguration From 23 Android Apps

Published on

Malware protection

Nowadays it becomes quite common and frequent to see how apps and companies are suffering cyber attacks, which resulting massive data breaches.

Recently, a team of security researchers at Check Point security company has reported a massive data breach in which data of 100 million users were exposed. This data breach happened due to a series of bad security configurations of third-party services in the cloud.

According to the security report from Checkpoint research, in total 23 Android applications were compromised, and the threat actors have found the compromised data in the unprotected real-time databases.

- Advertisement - SIEM as a Service

The most shocking thing about all these 23 Android apps is their downloads, as each of them has download counts ranging from 10,000 to 10 million.

Data involved

The cybersecurity researchers have claimed that in this massive data breach the following type of personal data has been compromised, and here they are mentioned below:-

  • Email addresses
  • Private messages
  • Personal photos
  • Passwords
  • User ID
  • Username
  • Push notifications
  • Screen recording
  • User location
  • Personal files
  • Payment details
  • Private chats
  • Dates of birth
  • Gender
  • Phone numbers

More Than 100 Million Users’ Data Exposed

As we told that 23 applications were compromised, and there have been more than 100 million personal data of different users who use all these Android apps were compromised. 

And this data breach happened only due to the app developers’ misconfiguration of third-party services. It’s a bad practice and not only that even it also depicts that how seriously nowadays the developers take the security measures.

The security analysts are able to discover this breach only for their routine investigation, as a routine security checkup they carried out this investigation on these 23 apps.

After their investigation, they found that some real-time databases that did not have any type of security or protection system. And the analysts easily got access to the exposed personal data of the users like email addresses, usernames, passwords, photos, chats, and messages as well.

The use of use real-time database is a general thing for app developers, as they use this technology to store data in the cloud so that in real-time they can synchronize that data with their users.

Hiding the keys

During the security investigation, the cybersecurity researchers have also discovered some other sensitive details related to the developer, that are implanted in some of the apps that are tested by them.

Even they also affirmed that they discovered the credentials for push notification services in one of the tested applications.

Among those 23 apps, the security experts have found the cloud storage keys in two popular apps, Screen Recorder, and iFax. Here, the Screen Recorder is available on Google Play with more than 10 million installations.

Due to the obscure security adoption, some of the developers are unexpectedly compromising the security of their users’ data and privacy. As the researchers have alleged that some of the developers have used base64 encoding, due to which the decoding remains unprotected.

Compromised apps

The security specialists at Check Point have distinctly pronounced that among 23 compromised apps, many of them have more than 10 million downloads on Google Play Store, and here the most interesting thing is that a maximum of them are don’t have any protected database.

Moreover, the Astro Guru is one of the apps that offer astrology, horoscope, and palmistry services, so, due to the prediction of several factors the users put more and accurate data, and as a result, the security authorities have found a large amount of endangered user data in its real-time database.

But, fortunately, this severe privacy error has only transpired in a small number of apps like Screen Recorder, iFax, Logo Maker, T’Leva, or Astro Guru.

However, as a security measure or mitigation, the experts have strongly recommended the users to uninstall these apps from their Android devices immediately.

While the research team at Check Point security firm has already contacted and reported this serious privacy error to Google, and all the developers of these apps before making it public.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Grayscale Investments Data Breach Exposes 693K User Records Reportedly Affected

Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting...

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce

North Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue...