Cloud Security, Security Architecture

Cloud data exposed in thousands of mobile apps

Check Point researchers discovered that 2,113 mobile apps leveraging the cloud-hosted Firebase database had exposed and unprotected data, including gaming app chats, family photos, health care app tokens, and cryptocurrency exchange information, according to TechRepublic. The report showed an e-commerce app exposing its API keys and gateway credentials, as well as a dating app compromising over 50,000 private messages. Moreover, 130,000 users of a logo and graphics design app had their usernames, passwords, and email addresses exposed, while 280,00 phone numbers had been exposed by a small and mid-size business accounting app. “The thousands of databases that expose sensitive data are the cloud databases that are used by mobile applications themselves. So, having a specific application, from VirusTotal, or Google Play Store, or any third-party store, any unskilled person can check if it uses Firebase cloud database and easily access all the data if the database was not properly secured,“ said Check Point Security Researcher Alexandra Gofman.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.