Over 100 Million Personal Data Leaked Due to Misconfiguration From 23 Android Apps


You can follow us on Linkedin, Twitter, Facebook for everyday Cybersecurity and hacking news updates.

The security professionals at Check Point have noticeably noticable that amongst 23 compromised apps, numerous of them have more than 10 million downloads on Google Play Store, and here the most fascinating thing is that an optimum of them are dont have any safeguarded database.

Making use of usage real-time database is a general thing for app designers, as they utilize this technology to save data in the cloud so that in real-time they can synchronize that data with their users.

Hiding the secrets.

Even they also verified that they discovered the qualifications for push notification services in among the evaluated applications.

The security analysts have the ability to find this breach only for their regular investigation, as a regular security checkup they performed this investigation on these 23 apps.

Among those 23 apps, the security experts have actually found the cloud storage type in 2 popular apps, Screen Recorder, and iFax. Here, the Screen Recorder is readily available on Google Play with more than 10 million installations.

The most stunning thing about all these 23 Android apps is their downloads, as each of them has download counts varying from 10,000 to 10 million.

According to the security report from Checkpoint research, in overall 23 Android applications were jeopardized, and the hazard stars have actually discovered the jeopardized information in the unguarded real-time databases.

As we told that 23 applications were jeopardized, and there have actually been more than 100 million individual information of various users who use all these Android apps were compromised..

During the security examination, the cybersecurity researchers have also discovered some other sensitive details related to the developer, that are implanted in some of the apps that are checked by them.

More Than 100 Million Users Data Exposed.

The cybersecurity researchers have claimed that in this massive information breach the following type of personal data has actually been jeopardized, and here they are pointed out listed below:-.

The Astro Guru is one of the apps that provide astrology, palmistry, and horoscope services, so, due to the forecast of several aspects the users put more and precise information, and as a result, the security authorities have actually discovered a big amount of endangered user information in its real-time database.

And this data breach took place just due to the app designers misconfiguration of third-party services. Its a bad practice and not just that even it likewise illustrates that how seriously nowadays the designers take the security procedures.

Compromised apps.

While the research team at Check Point security company has currently contacted and reported this severe personal privacy mistake to Google, and all the designers of these apps prior to making it public.

Nowadays it ends up being rather common and regular to see how apps and business are suffering cyber attacks, which resulting massive information breaches.

Recently, a team of security researchers at Check Point security business has actually reported a massive data breach in which data of 100 million users were exposed. This data breach occurred due to a series of bad security setups of third-party services in the cloud.

Due to the odd security adoption, a few of the designers are suddenly jeopardizing the security of their users data and privacy. As the scientists have alleged that a few of the designers have actually utilized base64 encoding, due to which the decoding remains vulnerable.

Thankfully, this severe privacy mistake has only transpired in a small number of apps like Screen Recorder, iFax, Logo Maker, TLeva, or Astro Guru.

After their examination, they discovered that some real-time databases that did not have any type of security or protection system. And the analysts easily got access to the exposed personal information of the users like e-mail addresses, usernames, passwords, photos, chats, and messages as well.

Data involved

Email addresses.
Personal messages.
Individual pictures.
User ID.
Push notifications.
Screen recording.
User area.
Personal files.
Payment details.
Private chats.
Dates of birth.
Telephone number.

As a security step or mitigation, the professionals have strongly recommended the users to uninstall these apps from their Android devices immediately.