OnePlus has a little-known feature bundled with its phones called "Shot on OnePlus." It's a way for people to show off the photos they take on their phones by making them available to other OP users as wallpapers. However, OnePlus reportedly designed its API in such a way that it's easy for someone to harvest email addresses from Shot on OnePlus. Read More
We're deep in the throes of Black Friday week, which one might imagine is generally the jolliest time of the year for Amazon. However, the massive global e-commerce platform has just revealed some less-than-jolly news: it "inadvertently disclosed" customer email addresses due to a "technical error." Read More
Securus Technologies is a Texas-based company, specializing in providing and monitoring calls to prison inmates. Securus came into the spotlight earlier this month, when a former Missouri sheriff was found using the company's service to repeatedly track people without a warrant. The New York Times reports that between 2014 and 2017, former sheriff Cory Hutcheson used the service at least 11 times, allegedly tracking a judge and members of the State Highway Patrol.
Securus obtains tracking information through a company called LocationSmart, which in turn has agreements with most U.S. carriers. Earlier this month, Senator Ron Wyden of Oregon wrote a letter to various carriers asking them to independently verify that these requests are made lawfully. Read More
Another week, another potentially serious data breach. The emails, phone numbers, and locations of 31 million users of Android keyboard app Ai.type have been compromised after the developer failed to secure the server on which the information was stored. Some 577 gigabytes of data is said to have been exposed, representing more than three quarters of the app's total userbase. Read More
The next time you sign into your Twitch account, you're going to have to change your passwords and stream keys. You will also need to reconnect your Twitter and YouTube accounts. Why? The same reason as always. It appears someone may have obtained unauthorized access to some Twitch user account information, and these precautions are for your own good.
Twitch has sent out emails to affected users of the video game streaming service, warning that their usernames, email addresses, encrypted passwords, last IP addresses, phone numbers, addresses, and dates of birth may have been accessed.
If you've reused your Twitch password at any other website, now would be a good time to change that one too. Read More
It seems that just about every major organization or service is being targeted for a gigantic data breach these days. Spotify was the latest service to be attacked, and yesterday the music streaming company specifically told Android users to upgrade their apps soon to protect themselves. The update is available today, but Spotify isn't taking any chances: it's created an entirely separate entry in the Play Store to make sure users get the point.
The screen above is what you see if you try to use the older version of Spotify today. The outdated app is labeled simply "Spotify" on the Play Store, whereas the newer and ostensibly safer addition is "Spotify Music." Once the new version is installed, it will direct users to uninstall the older one, probably just to save confusion. Read More
Cerberus Anti-Theft is the type of app that users install for peace of mind. The service offers the ability to track a device's location, record audio through its microphone, lock it, or wipe it remotely in the chance that it falls into the wrong hands. Unfortunately, this line of defense could be a person's worse nightmare if their account were compromised. That's why it was no small deal when Cerberus recently sent out this email to some of its users, alerting them that a number of usernames and passwords were stolen in a recent data breach.
The company has since issued this admirably detailed statement. Read More
If you're a Total SMS Control user, you may be interested in the latest findings of our good buddy Justin Case. He uncovered some rather alarming info within the app, and by alarming, I mean a crapload of exposed data, including SMS messages, emails, call logs, phone numbers, contact information, and GPS location. Yeah.
For the uninitiated, Total SMS Control is an app used to "spy" on other mobile phones. For example, if you install TSC on your child's (or spouse, employee, etc.) phone, it will sit silently in the background collecting emails, text messages, GPS location, and more. The collected data is then forwarded to an account of your choosing, be it email or SMS. Read More