Last Updated: February 24, 2023, 08:15 IST
5 million downloads is a big sample size for concern
The app helps people share private conversations but all the data was stored in an unsecure manner.
Popular Android voice chat app with over 5 million downloads has been leaking data including the conversations of users. The app OyeTalk uses Google’s Firebase mobile app development platform, but according to a report all the data stored on the platform was left vulnerable without any password protection.
As per the details from researchers at Cybernews, the content of users exposed includes IMEI number, their usernames on the app and all the unencrypted chats. But one would have to agree that having IMEI number exposed leaves millions at a bigger risk since the bad actors can use the details to track down the devices and who owns them.
The report mentions that the leaked database is around 500MB in size, which suggests the attackers have already got access to the data or even deleted it from the available set, which is also putting millions and their private chats in jeopardy.
The folks at Cybernews have also noticed that most of the sensitive user data along with the API keys has been hardcoded in the app which is never a good move and leaves people to possible intrusion and data breach. The researchers claim having them so easily available shows the sloppy work done by the developers of the app.
But that’s not the only worrying bit. The Cybernews team reached out to the developers of the voice chat app and they didn’t hear back from the company. Eventually, it was Google’s security measures that were used to fix the loophole and ensure the database is secure.
We come across such security instances regularly but having such lapses in security of apps that allowed data like IMEI numbers to leak is a big worry. Having over 5 million users means the app is popular but if you are one of them, we suggest you delete the app and reset passwords of important accounts right away.
Read all the Latest Tech News here