Article 50X0M Confessions App "Whisper" Spills Almost a Billion Records

Confessions App "Whisper" Spills Almost a Billion Records

by
Fnord666
from SoylentNews on (#50X0M)

upstart writes in with an IRC submission for SoyCow420:

Confessions app Whisper spills almost a billion records:

Researchers who uncovered a data exposure from mobile app Whisper earlier this week have released more details about the incident.

Whisper is an app from MediaLab, a mobile app company that owns a host of other apps including the popular messaging service Kik. It offers a kind of anonymous social network service that allows people to post their innermost fears and desires, supposedly without risk.

Its users post everything from dark family secrets to stories of infidelity. It gathers these up and uses them for articles on its website, including "Naughty Nannies Confess To Sleeping With The Fathers They Work For", "Alcoholism Runs In My Family", and "I Married The Wrong Person".

The problem, according to researcher Dan Ehrlich of cybersecurity consultancy Twelve Security, is that Whisper didn't steward that data very well. He says that he and his colleague Matthew Porter accessed 900m records in a 5 TB database spanning 75 different servers, logged between the app's release in 2012 and the present day. The data was stored in plain text on ElasticSearch servers and included 90 metadata points per account.

The Washington Post broke the story about the app on Monday 10 March, having worked with the researchers.

The Washington Post

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments