How to Scale End-to-End Observability in AWS Environments

100 Million+ Android Users’ Data Leak Owing To Weak Configurations

Security operatives reveal that personal data exposure from over 100 million Android users could be traced to popular apps on the Google Play Store

TL;DR

Check Point Research, along with major security researchers, concluded that cloud misconfigurations were the major reasons leading to the exposure of over 100 million android users' data.

Over 100 million Android users’ data have been exposed.
Over 100 million Android users’ data have been exposed.
Key Facts
  1. 1

    A majority of these apps had unprotected real-time customer databases, exposing personal user information.

  2. 2

    Some Google Playstore apps that infamously made the Check Point Research list include Astro Guru, Logo Maker, and Screen Recorder.

  3. 3

    Over 11 data categories for apps with over 10 million downloads have experienced data breaches.

Details

Security researchers have revealed that over 100 million Android users could be prone to identity thefts, service swipes, and any other complications that unintentional exposure of their data could bring to them. Check Point Research, leading the charge, maintained that serious cloud misconfigurations of third-party Android applications and services by developers are major factors of this negligence.

Astro Guru data breach with user location, email and personal data. (image courtesy: https://research.checkpoint.com) Astro Guru data breach with user location, email and personal data. (image courtesy: https://research.checkpoint.com)

The firm highlighted in a recently published report how the mismanagement of ethical operations like real-time databases, notification managers, and storage of personal login data like emails, passwords, names, personalized usernames, chat messages and location information, etc. left individual and corporate data in the hands of malicious actors.

This is a bomb waiting to explode and an addition to the list of headaches for cybersecurity experts and more content for cloud news reporters. The year 2021 might witness the worst spate of cybersecurity the world has seen. This is still the first quarter. The world is at an all-time high ransomware spate, dependency confusion string, and Cloudflare analytics report of breaking its standard hurdle and nursing unethical developers that forgot to read the best practices memo. Over 100 million Android users’ data have been exposed. Cleaning this mess up might take a while, and it is more severe than a new publication could express.

The report contained 23 popular apps with open real-time databases. A real-time database provides developers with the ability to make sure data stored in the cloud is in synchrony with real-time for every related user. A real-time database is why a Facebook user does not have to update their age with every passing year. This software holds sensitive information like private chats, email addresses, passwords, device location, user identifiers, group info, etc. To the surprise of the research team at Check Point Research, they had a relatively good time accessing these data, with no obstacles in place to deter their entry. Many users have a specific email and password, meaning they could use the same combination as they did on Astro Guru, Logo Maker, Screen Recorder, and other Android apps that made this infamous list on mailing websites and banking and financial apps, and other services.

Each of these apps boasts over 10 million Google Play Store downloads; Screen Recorder has been rated by hundreds of thousands of Android users. Check Point research declared a total of 23 apps that have over 10 million installation stats, and three having over 500,000 users.


Get similar news in your inbox weekly, for free

Share this news:
How to Scale End-to-End Observability in AWS Environments

Latest stories


How ManageEngine Applications Manager Can Help Overcome Challenges In Kubernetes Monitoring

We tested ManageEngine Applications Manager to monitor different Kubernetes clusters. This post shares our review …

AIOps with Site24x7: Maximizing Efficiency at an Affordable Cost

In this post we'll dive deep into integrating AIOps in your business suing Site24x7 to …

A Review of Zoho ManageEngine

Zoho Corp., formerly known as AdventNet Inc., has established itself as a major player in …

Should I learn Java in 2023? A Practical Guide

Java is one of the most widely used programming languages in the world. It has …

The fastest way to ramp up on DevOps

You probably have been thinking of moving to DevOps or learning DevOps as a beginner. …

Why You Need a Blockchain Node Provider

In this article, we briefly cover the concept of blockchain nodes provider and explain why …

Top 5 Virtual desktop Provides in 2022

Here are the top 5 virtual desktop providers who offer a range of benefits such …

Why Your Business Should Connect Directly To Your Cloud

Today, companies make the most use of cloud technology regardless of their size and sector. …

7 Must-Watch DevSecOps Videos

Security is a crucial part of application development and DevSecOps makes it easy and continuous.The …