Appthority, a mobile security firm, found many popular app developers are not utilizing secure servers to store user information. The firm found up to 1,000 data caches used by mobile apps were open to anyone with an Internet connection.
Many app developers use security precautions such as two-factor and thumbprint identification for credentials, but Appthority reports the developers don’t use similar precautions for remote server security. The firm estimates up to 43 terabytes of user data were exposed before notifying app developers, stores and storage providers.
The data stored by these servers included different users’ personally identifiable information collected by unsecured apps. This information could be utilized by hackers to compromise both personal and enterprise accounts.
The discovery of this vulnerability, nicknamed HospitalGown, is a reminder to both app developers and app users of the importance of security on all ends. To avoid remote server hacking, developers are encouraged to use logins, encryption and hard-to-find URLs for server IP addresses.