Over 198,000 User's Personal Information Exposed By The Kinoptic iOS App
Chris Vickery, a security researcher of MacKeeper has discovered a database that belongs to an abandoned iOS app. The Database is easily accessible via the Internet and around 198,000 user's personal information has already exposed.
By using the Kinoptic iOS app users can do the following things:
- Users to create cinematic slideshows of their photos.
- Users can also animate smaller portions of one photo.
- Piece multiple photos into a video-like slideshow.
The Kinoptic iOS app was launched in 2012 and in 2015, it was removed from Apple's App Store, after failing to garner a bigger following. And in the year 2016, its website was totally succumbed.
But According to the security researcher, Chris Vickery, the MongoDB databases that were in this app has remained still even after the shutdown of Kinoptic's app. Chris Vickery has always searched the Internet in order to the exposed MongoDB databases.
Kinoptic's developers leave the MongoDB databases as it was and simply abandoned their service, the thing that developers usually do with the discontinued apps.
According to the Chris Vickery, anyone can easily access the content of database without any authentication. He also said that this database was exposed online via a default MongoDB configuration.
The exposed data includes the following:
- Email Addresses
- Hashed Passwords
- Other details were also stored in Kinoptic profiles.
Vickery delivered a news yesterday that "Apple didn't want to help the researcher track down Kinoptic's devs" along with this news the other worst news was that "there is no way to contact that app's developers, so it means that until or unless the database is powered down the data will remain online but if the developers stop paying their server bills then there may be a chance that the data will become inactive."
Despite the fact that so many efforts has been already put by the Vickery to contact Apple's App Store team for details about Kinoptic developers, but still Vickery is putting more efforts to contact the app's authors once.
This app is not listed on Apple App Store anymore, so the Apple said that they don't care about this app anymore and they unapologetically washed their hands of the whole thing.
So its an advice for Kinoptic users to change their passwords for accounts where they have used the same passphrase.