Malicious apps aren’t the only security risk on our mobile devices. When well intentioned developers make mistakes, you, the user, will suffer.
If you own an Android smart device, be advised there has been a data leak. Security researchers at Check Point have recently discovered a massive data leak that left an assortment of personal data for more than 100 million Android users exposed.
The data was found in unprotected databases used by a total of 23 different popular apps, some of which boast download counts of more than ten million.
Unfortunately, the recent discovery underscores the fact that many app developers aren’t following even the most basic security practices designed to restrict access to the app’s databases.
According to the research team responsible for the discovery, the exposed data includes physical location, gender, stored passwords, stored payment details and photos associated with the apps in question, phone numbers, user names and real names, email addresses, dates of birth, chat messages, and more.
Two of the most egregious examples the researchers found were the app called iFax, and another called Screen Recorder. In the case of iFax, the Android app stored the user’s cloud storage keys and their database contained copies of all fax transmissions from its more than half a million users. In the case of Screen Recorder, which boasts more than ten million installations, the researchers found the cloud storage keys that give access to all of each user’s’ screenshots, which could contain a whole host of sensitive and personal information.
Unfortunately, this is not a new phenomenon. What’s disheartening about the recent discovery though, is how many examples Check Point found during the course of their research. It seems that a dismaying number of app developers are sacrificing security basics in the name of speed and convenience, and the end users of the apps they create wind up paying the price.
All that to say, be careful what you download. An app’s popularity is no guarantee that it’s actually safe to use.
Here are a few things to consider to reduce data leakage on your device:
Pay attention to permissions an app asks for. Stop and consider whether the permissions requested is relevant to the app’s function. For example, if a simple calculator app is requesting access to your contacts or location, that should raise red flags.
Monitor how you device behaves after the app is installed. If you notice a sudden, drastic reduction in your battery life, the app is running in the background and may be up to no good.
Remove apps you don’t use. If you have apps on your device that you don’t need or use, uninstall them. If the apps came preinstalled, your only option may be to disable but at least they won’t be running.
Knowledge is Power!
Sign Up to Receive Our FREE “Cyber Security Tip of the Week”
No Catch. No Obligation. Just week after week of timely tips to keep you one step ahead of hackers.