A Technical Malfunction Impacts Thousands of Edison Mail iOS App Users

Recently, a security bug in the Edison Mail iOS app has impacted about 6,480 users. Due to the issue, some users could access other people’s email accounts from the app without authentication.

What happened?

  • Last week, a software update released for the iOS application enabled users to manage their accounts across different Apple devices.
  • The update caused a technical malfunction that affected approximately 6,480 Edison Mail iOS users.
  • According to Edison Mail, the temporary issue is a bug, and not correlated to any external security issues.
  • The impacted email accounts’ data may have been exposed to other users. However, no user credentials were compromised.

More about Edison Mail

  • The Edison Mail app enables users to manage their iCloud, Gmail, Outlook, Yahoo, and other email services on a single platform.
  • The company addressed the issue with two software updates. While the first one prevented impacted users from accessing any account from the Edison app, the second one re-enabled access for impacted users.
  • Following the bug, a new version of the Edison Mail iOS app was made available in the App Store that restores full functionality for the impacted 6,480 users.
  • All the impacted users were notified via email and were asked to change their email account password.

Some similar vulnerabilities

  • Last month, Apple’s iOS Mail app was found to contain two critical security vulnerabilities. If exploited, it could have enabled hackers to steal victims’ personal data.
  • In 2019, Outlook app with versions before 3.0.88 for Android contained a vulnerability (CVE-2019-1105), which affected over 100 million users.

How to protect against such vulnerabilities?

Regardless of whether you use Microsoft Outlook, Gmail, or other apps, you can take the following steps to protect yourself against vulnerabilities:
  • Always use the latest version of the email software and ensure to enable the automatic update feature.
  • Use encrypted emails for confidential communication to avoid exposure to any strangers.