CyberNews Briefs

Misconfigured Firebase Databases Exposing Data in Mobile Apps

Check Point Research has released new analysis finding that 2,113 mobile apps using the Firebase could-base database exposed users’ personal data. This means that 5% of the databases were vulnerable to threat actors, creating a gold mind of exploit opportunity across the thousands of apps. Some of the apps had been downloaded tens of millions of times and were found to be vulnerable due to misconfigured cloud implementations. Mobile apps that the researchers found to be vulnerable include popular dating apps, fitness apps, logo design, e-commerce, and bookkeeping apps.

Exposed information, depending on the app, includes personal family photos, chat history, healthcare applications, cryptocurrency exchange data, and more. The recent research highlights the vulnerability of misconfigured cloud infrastructure, and shows that it can have serious implications for consumers. The databases are highly valuable to malicious actors who are able to read and write new values in the database.

Read More: Misconfigured Firebase Databases Exposing Data in Mobile Apps

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.