There have been a lot of apps that have been receiving a lot of scrutiny; the parenting app TeenSafe was found leaking user data, and now the most recent one to take the spotlight is PumpUp Fitness. One of several fitness apps in recent months that have been found leaking user data, personal messages, and even tracking the routes of runners.
Discovered by security researcher Oliver Hough, PumpUp had left its back-end server on Amazon unencrypted. The server also had no password, so anyone could access the server and monitor user logins, conversations between users, personal data, location, and other sensitive information. This included anyone logging using their social media account; they too would be putting their accounts at risk.
The Chief Executive of PumpUp, Garret Gottlieb, and other high level staff members were informed of the open server, but no comments were put forth on how the error would be handled. Earlier this week, the server was closed up and secured.
This is not the first time that we have heard about a leak happening on an Amazon Cloud Server. The aforementioned parenting app, TeenSafe, was also found leaking its users data. This is hopefully going to be a warning shot for organizations and companies that utilize cloud based servers on Amazon.
---Sh7nk-Z0id
Discovered by security researcher Oliver Hough, PumpUp had left its back-end server on Amazon unencrypted. The server also had no password, so anyone could access the server and monitor user logins, conversations between users, personal data, location, and other sensitive information. This included anyone logging using their social media account; they too would be putting their accounts at risk.
The Chief Executive of PumpUp, Garret Gottlieb, and other high level staff members were informed of the open server, but no comments were put forth on how the error would be handled. Earlier this week, the server was closed up and secured.
This is not the first time that we have heard about a leak happening on an Amazon Cloud Server. The aforementioned parenting app, TeenSafe, was also found leaking its users data. This is hopefully going to be a warning shot for organizations and companies that utilize cloud based servers on Amazon.
---Sh7nk-Z0id
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011