|01 Apr 2014||#1|
| || |
How Fandango and Credit Karma exposed millions of smartphone users...
How Fandango and Credit Karma exposed millions of smartphone users’ data
Developers of two popular smartphone apps—Fandango and Credit Karma—have been caught transmitting passwords, social security numbers, birth dates, and other highly sensitive user data over the Internet without properly encrypting it first, officials with the Federal Trade Commission said.
As a result, it was trivial for hackers to intercept the data when people used the apps on both Apple's iOS and Google's Android mobile operating systems, complaints filed by the FTC alleged. The complaints leveled charges of other shortcomings in the developers' security, including the failure to properly test and audit the safety of apps before making them available for download. The improper encryption, which security experts warn is akin to having no encryption at all, was allowed to persist for four years at Fandango. The company also failed to have an adequate process for receiving vulnerability reports from researchers and other third parties, FTC officials said.
Fandango has as many as 100 million downloads from the iOS App Store and Google Play market for Android. Among other things, the app allows users to buy movie tickets. Credit Karma has five million to 10 million downloads and allows users to monitor their credit scores.
|My System Specs|
|Similar help and support threads for2: How Fandango and Credit Karma exposed millions of smartphone users...|
|New website helps users opt out of smartphone tracking||News|
|Facebook bug exposed contact info of 6M users||Security News|
|Malware Tricks Facebook users into exposing credit card details||Security News|
|Google-Cached Blippy Pages Exposed Credit Card Numbers.||Security News|
|Blippy users' credit card #s show up in Google||News|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 01:57 AM.