Only when The Post reached out to Whisper parent company MediaLab was the database made private.
Porter and Ehrlich said they notified federal law enforcement of the situation, as well as Whisper, prior to contacting The Washington Post. According to security researchers Matthew Porter and Dan Ehrlich, who run the firm Twelve Security, the database comprised nearly 900 million user records from the app’s release more than eight years to the present day, The Post reports. The records didn’t just include current users, either. The app still has more than 30 million monthly users, some of whom are minors But the records left unprotected online included information like age, location, ethnicity, residence, in-app nickname, and membership in any of the app’s groups. The database did not include real names, as Whisper was designed to protect users’ identities and allow them to share secrets anonymously. According to The Post, which was actively able to query the database in real time before Whisper took it down, a search for users who listed themselves as 15 years of age returned as many as 1.3 million results. The app, while far from as popular as it was in the few years after its release in 2012, is still used by more than 30 million people a month, some of whom are under the age of 18 and share confessions about teenage sexual encounters and information related to sexual orientation. Whisper, an anonymous secret-sharing mobile app that rose to prominence more than half a decade ago, has been inadvertently exposing sensitive information about its users for years through a public online database, according to a new report from The Washington Post.
0 kommentar(er)
