Hundreds of iOS apps are fleeing data due to poorly cfigured Firebase backbases, according to a report

Some 2200 unsecured Firebase databases leaked more than 3,000 iOS and Android apps, exposing more than 100 milli pieces of data, including passwords, health information, and GPS locati data.

  The HospitalGown Report of Appthority

According to a new report from Appthority mobile app security firm, called Q2 2018 Enterprise Mobile Threat Report the problem is caused by a new variant of what is nicknamed "HospitalGown Vulnerability." HospitalGown, brazenly named because it deals with data "leaked through the backend data stores," was identified by the Appthority Mobile Threat team in 2017.

Now, Appthority reports that the problem is getting product when applicati developers choose not to require authenticati. Google Firebase cloud databases, which is not de by default when developers use the popular development tool.

Appthority found that of the 1,275 iOS applicatis using a Firebase database, 600 were vulnerable. Overall, more than 3,000 applicatis leaked data from 2,271 miscfigured databases. Amg the disclosed data are 2.6 milli unencrypted passwords and user IDs, over 4 milli protected health information records and 50,000 financial records.

"To properly secure the data, developers must specifically implement user authenticati across all tables and rows in the database, which happens rarely in practice," writes Appthority in the report. "Moreover, attackers do not need much effort to find open firebase applicati databases and access millis of copies of the …

We will be happy to hear your thoughts

      Leave a Reply

      AppleiPhonestop - Apple iPhone News and Rumours All Day
      Enable registration in settings - general
      Compare items
      • Laptops (0)