Comments
A popular secret-sharing app Whisper, that called itself the “safest place on the Internet,” has left years of users’ data including intimate confessions exposed to users on the Web according to a Washington Post report.
The app has exposed user data including their age, location and other details, raising alarms among cybersecurity experts raising the question of privacy. The app allowed access to all the data and information tied to the anonymous confessions on the app to anyone on the internet.
Researchers were able to view data of millions of users on a non-password-protected database open to the public, the report said. A search for data of users aged 15 returned 1.3 million results, it further said.
Cybersecurity researchers Matthew Porter and Dan Ehrlich, who lead the advisory group Twelve Security were able to access approximately 900 million user records dating all the way back to 2012 up till 2020.
The incident was alarming as user data included intimate confessions from minors. The data leaked indicated the user’s stated age, ethnicity, gender, hometown, nickname and group memberships. The app had discussions regarding faith and sexual orientation, as well. The LGBTQ and Faith categories within the app are full of posts that discuss religious beliefs or sexuality in the open as Whisper claimed to offer an anonymous escape for the community, The Verge reported.
Related Stories
Worst fears of privacy activists have come true in 2019
Internet shutdowns, security breaches, data thefts trigger worriesApart from this, the app's new ability to search by location was also concerning. The data retrieved by researchers also included the location coordinates from where the user had last submitted their post. A lot of these coordinates pointed to specific schools, workplaces and residential neighbourhoods. The data also showed entries from locations in military bases. This could lead to users being tracked and blackmailed according to experts, the Post reported.
The researchers alerted the law enforcement post this discovery. Public access to the data was removed by Media Lab, Whisper’s parent company later as per the report.
The company released an official statement in which it had said that the majority of the data was meant to be public to users from within the Whisper app and was not designed to be found directly.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.