An unnamed spyware app has exposed around 16 GB of images and 3.7 GB of MP3 recordings due to a misconfigured database. The leaky database contained over 95,000 images and more than 25,000 audio recordings.
What’s the matter - A security researcher Cian Heasley revealed that an unprotected online storage server has leaked a trove of sensitive and personal images and audio recordings on the internet.
According to Motherboard, the unprotected database was discovered earlier this year. Since then, it has been online for at least six weeks. Apart from the previous photos and recordings, the leaky database is also exposing the latest pictures and audio recordings that are being uploaded every day. The number of users affected in the data leak is still unknown.
Heasley told Motherboard that the source code of the app contained the URL of the leaky database, which is relatively easy to guess.
Company snubs the fact - Heasley has informed the company following the discovery of the issue. In addition, GoDaddy, the domain registrar for the company’s site has also been notified about the matter.
This is not the first time that a spyware company has been identified for leaking sensitive data. In the past two years, 12 different spyware vendors were spotted exposing victims’ personal images and other details. This includes Retina-X (twice), FlexiSpy, Mobislealth, Spy Master Pro, SpyHuman, Spyfone, TheTruthSpy, Family Orbit, mSpy, Copy9 and Xnore.