Skip to main content

Study Claims iOS & Android Based Apps Store Users’ Private Data

Popular apps on iOS and Android are storing sensitive user information in a way that makes it a lot easier for hackers to steal them.

According to a research done by security firm viaForensics, several popular Android and iOS app are storing user information like passwords, user names and credit card data in plain text files on the phone.

Any criminal with physical or remote access to the device will be able to steal the information without so much as breaking a sweat.

The Chicago based mobile forensics firm claimed that popular apps like Android Mail for Exchange, Hotmail, Foursquare and Groupon stored user password and some information regarding the sections of the app accessed by the users in plain text files on the phone.

Even through Apple was rated as secure compared to Android iOS users still have a reason for concern.

"Someone with moderate technical skill could download the Android SDK [software development kit], and if they got the phone they could read that data. [They're] not doing anything that requires money," said Ted Eull, vice president of technology services at viaForensics.

“Why store the sensitive data in the clear in the first place? If the data's not there for harvesting, attackers won't go after it,” he continued.