Security

High-Profile Mobile Websites And Apps Caught Leaking Sensitive Data

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

More than 200 mobile websites and apps, including the Royal Mail and Deezer, have been caught exposing sensitive consumer and enterprise information.

More than 200 mobile websites and apps, including the likes of Royal Mail, Deezer and popular porn sites, have been caught exposing sensitive consumer and enterprise information over the past year.

Wandera’s 2017 Mobile Leak Report identified the culprits leaking personally identifiable information (PII) after carrying out a global analysis of nearly four billion requests across hundreds of thousands of corporate-liable devices for over 500 enterprises.

data breach

Data security worries

The websites and apps in question span more than a dozen categories, from news & sports to travel, shopping and entertainment, with Fox Sports Australia, SNCF and Thalys being just some of the high profile names to make the list.

90 percent of leaks included information such as email addresses and usernames, with 86 percent including passwords. These are concerning facts seeing as cyber criminals are frequently using this type of information to hack their way into multiple user accounts, as shown by the recent National Lottery breach

“Mobile is well and truly the new frontier for data security,” said Eldar Tuvey, CEO of Wandera. “It’s clear that security and compliance risks are far more formidable threats than previously thought. With the reported cost of remedying a mobile breach in the US falling between $250,000 to $400,000 in many cases, enterprises need to take concrete steps to routinely monitor the data that flows to and from each individual device, identify potential security gaps and dynamically respond.”

Three categories – news & sport, business & industry and shopping – made up 59 percent of all leaks, while 29 percent came from either travel, entertainment, lifestyle or technology. Finally, 80 per cent of the top 50 adult websites were found to be leaking PPI and nearly two percent of data leaks originated from social media.

As the amount of sensitive business and personal information held on mobile devices continues to increase, mobile security will become a key priority for businesses. Health and finance apps have already been found to be riddled with security issues and the mobile malware threat has grown significantly in 2016, through the likes of the HummingBad virus and the Conficker worm.

With that in mind, businesses would be wise to embrace a mobile security strategy sooner rather than later.

Quiz: The business of mobile apps