Connect with us

Hi, what are you looking for?

Tech & Science

Android user data exposure shows just how vulnerable our data really is

Too often enterprises don’t have a good understanding of what their applications are hosted on within their environments.

The Androids are among us. — Photo: © Digital Journal
The Androids are among us. — Photo: © Digital Journal

There has been a recent Android user data exposure, which opened up over one million records of personally identifiable information. With the incident, Chinese developers of popular Android gaming apps exposed information belonging to users through an unsecured server, as ZDNet reports.

Many of those exposed were video gamer players, many of whom share personal data online. Looking at this latest data breach for Digital Journal is Pravin Rasiah, VP of Product, CloudSphere.

Rasiah places the data breach in the context of a series of recent concerns where public data has been exposed. He notes: “Data leaks occur much more frequently than people may expect.”

This is not an excuse for lax security, however, as Rasiah finds: “Companies storing sensitive customer information have an obligation to ensure that proper security and governance guardrails are in place.”

So why do data breaches occur with increasing regularity? Rasiah says: “Far too often, enterprises don’t have a good understanding of what their applications are hosted on within their environments, the business functions that are supported and the nature of the data stored within these apps and databases.”

The underlying issue is that the process of exposing sensitive data does not require a sophisticated vulnerability. Moreover, the very rapid growth of cloud-based data storage has exposed such weaknesses.

Consequently, Rasiah notes: “The lack of this context coupled with poor configurations at a network level (e.g. exposing it directly to the Internet) while failing to require authorization to gain access is a disastrous combination.”

Hence, Rasiah  observes: “When a server is left exposed, customer information becomes vulnerable to cybercriminals who can leverage this data for a multitude of malicious purposes, including launching highly targeted phishing attacks and brute force attacks against other organizations.”

With the specific incident in relation to Android services, Rasiah’s inquires find: “In this instance, because passwords were stored in plain text, bad actors could also use this login information to attempt to gain access to users’ other accounts, since many people use the same password across many different platforms.”

In terms of what can be done to prevent such incidences from happening again, it is time for companies to look internally and to put robust solutions in place.

Here Rasiah recommends: “To keep user data out of the hands of cybercriminals, companies should leverage platforms that provide holistic visibility into their environments as well as governance to ensure proper structure, processes and support. With a comprehensive assessment of the applications hosted within their cloud environment, companies can safely operate without putting customer data at risk.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Entertainment

Rapper Nicki Minaj caused an uproar this week when she tweeted to her 22.6 million followers.

World

Bulgarian-born Christo had dreamt of wrapping the war memorial since living nearby in the 1960s - Copyright AFP/File Lillian SUWANRUMPHAEric RANDOLPHPresident Emmanuel Macron was...

World

Rapper Nicki Minaj sparked widespread derision over claims a cousin's friend had become impotent after receiving a Covid vaccine - Copyright AFP Brendan SmialowskiThe...

Life

For children and parents schools have a fair amount of trepidation and stress. Here is some advice.