Rogue SDKs covertly harvested personal info, it is claimed
Twitter and Facebook on Monday claimed some third-party apps quietly collected swathes of personal information from people's accounts without permission.
The antisocial networks blamed the data slurp on what they termed a pair of "malicious" software development kits (SDKs) used by the third-party iOS and Android apps to display ads. Once a user was logged into either service using one of these applications, the embedded SDK could silently access that user's profile and covertly collect information, it is claimed.
In the case of Twitter, the offending SDK was built and maintained by marketing house oneAudience, and was allegedly caught collecting user names, email addresses, and Tweets via unspecified Android apps.
"We have evidence that this SDK was used to access people’s personal data for at least some Twitter account holders using An ..
Support the originator by clicking the read the rest link below.
