Another day, another data breach putting user data at risk – This time, PhotoSquared, a popular photo app for Android and iOS has suffered a massive leak after exposing highly personal data of hundreds and thousands of users.
Based in the United States; PhotoSquared lets users upload their photos to the app which are then converted into light-weight photo boards that are physically delivered to users. PhotoSquared also charges a fee for each conversion depending on the type of board.
PhotoSquared’s on Play Store
Currently, PhotoSquared has over 100,000 installs on Android devices while it is also popular among iPhone users. The bad news is that PhotoSquared has leaked personal data of more than 100,000 users – All of it completely unsecured and unencrypted.
See: Avast acknowledges collecting user data; shuts down Jumpshot
According to vpnMentor’s research team led by Noam Rotem and Ran Locar, PhotoSquared had the data stored on an unprotected Amazon Web Service (AWS) S3 bucket that was available for public access on the internet. The database itself was hosted somewhere in the State of Maryland.
The team published its detailed analysis in a blog post revealing that the exposed database contained the following:
Full name of users
Home/delivery addresses
Photos uploaded by users for editing
USPS shipping labels for delivery of photo tiles
Or ..
Support the originator by clicking the read the rest link below.
