Firebase’s Misconfiguration Leaks Sensitive Data Of Millions of Android Users

Privacy has been an all the more important concern in the digital world and Europe and other countries have taken an active step to curb down on any privacy infringement that occurs. The recent cases against Facebook assure the users that no matter the size of the influence of the firm, in case of Facebook exceeding billions, there will be complete safety and security for their privacy. The cases against Facebook and Google in the United States have also prevented the launch of Instagram Kids as well. There is little contention as to leakage, however, one of the biggest application developers, Firebase, is soon to catch legal fire under their coat tails when there would be significant action taking against them.

The report by CyberNews researchers highlights the fact that there has been a misconfiguration of Firebase’s security allowing all sorts of information, including their usernames, email address, and some other details. To judge the capacity and reach of the leak, the clientele of Firebase needs to be identified. In doing so it was found out that the base includes 14 of the top android applications, with over 140 million in downloads on the Play and Apple stores, the size of the breach spans over to several countries and communities. Apart from the top 14 apps with 140 million downloads, the firebase community developers have an estimate of 2.5 million applications posted and published on the application stores.

The platform might also take down Google as well as Firebase was acquired by Google back in 2014. This also brings some heat over to Google after the difficult and disturbing cases they previously had to deal with.

This disturbing news came to light when CyberNews ran a survey and check of the applications posted on the stores for privacy and security concerns. While many of them passed little by little, the 14 top applications hosted by Firebase were faced with severe problems in the face of their misconfiguration. To understand the case, anyone that is able to access a specific URL for each application can access all of the databases presented by the users to the application. In an attempt to reach Google for updates on the difficulties, all organizations were faced with no response to the query of cybersecurity and their association to the Firebase’s misconfiguration.

However, reaching out to the 14 companies associated, nine of these companies reached out to Google for assistance and secured their database while the rest of them are leaking data and we can do nothing about it.

Photo: Getty Images

Read next: This malware infects around 10 million Android devices while its hackers generating millions off it every month
Previous Post Next Post