Android Voice Chat app with 5 million downloads reveals user data and conversations
A popular Android voice chat app with over 5 million downloads has leaked data including user conversations. The app OyeTalk uses Google’s Firebase mobile app development platform, but according to the report, all data stored on the platform was left vulnerable without password protection.
According to Cybernews researchers, the content of the exposed users includes the IMEI number, their username in the app and all unencrypted conversations. But admittedly, revealing the IMEI number leaves millions more at risk, as bad actors can use the details to track down devices and their owner.
The
report
mentions that the leaked database is about 500 megabytes in size, suggesting that the attackers have already gained access to the data or even removed it from the available pool, which also puts millions and their private conversations at risk.
Cybernews employees have also noticed that most of the sensitive user data, along with API keys, are hard-coded into the application, which is never a good thing and leaves people vulnerable to potential intrusions and data breaches. Researchers claim that they are so easily accessible, which shows that the developers of the app did not do a sloppy job.
But that’s not the only thing to worry about. The Cybernews team contacted the developers of the voice chat app, and they did not respond from the company. In the end, Google’s security measures were used to fix the loophole and ensure the security of the database.
We come across these kinds of security incidents on a regular basis, but app security breaches that allowed information such as IMEI numbers to be leaked are a major concern. Having more than 5 million users means that the app is popular, but if you are one of them, we recommend that you delete the app and reset the passwords of important accounts immediately.
Read all the Latest Tech News here.