2.7 C
Munich
Wednesday, November 25, 2020

Leading Christian faith app exposed users’ data, say researchers

Must read

Rittenhouse attorney says judge granted request to be allowed on case

A California-based attorney who represents Kyle Rittenhouse, the Illinois teen charged with killing two people and wounded a third during a summer protest in Kenosha, Wis., said Monday that a judge will allow him to appear in court on behalf of his client. John Pierce, of Los Angeles, needed permission to appear in a Wisconsin courtroom as…

‘Squad’ members says Rahm Emanuel ‘should not be considered’ for any role in Biden administration

Members of the progressive "squad" are insisting that former Chicago Mayor Rahm Emanuel not join the next administration in any capacity, including for a less visible role than what President-Elect Biden's team was originally considering."What is so hard to understand about this?" Rep. Alexandria Ocasio-Cortez, D-N.Y., tweeted Monday. "Rahm Emanuel helped cover up the murder of Laquan McDonald.…

Deployed dad surprises family in heartwarming reunion, meets son for first time at Patriot Awards

 An Army captain had an emotional reunion with his family after a surprise return from a deployment to the Middle East.Captain John J. Klein III,  a U.S. Army Signal Company Commander for the 34th Expeditionary Combat Aviation Brigade, was nominated for Fox Nation's Patriot Award for the Modern Warrior at this year's second annual Patriot Awards, which honor everyday American heroes.Klein's wife, Veronica, and three children -- including…

Professor offers to cook Thanksgiving meal for students alone on holiday

A college professor in Iowa went viral online after she offered Thanksgiving meals to any kids who can’t go home for the holidays because of the coronavirus pandemic."My email offer to make a few extra Thanksgiving meals would probably have been greeted by an – ‘oh that's nice’ fleeting thought last year," Liz Pearce, a communications…

Pray.com, which offers a Christian faith app that has been downloaded over 1 million times, has been “leaking” user data, researchers from cybersecurity firm vpnMentor told Fox News.

The Pray app is designed for daily prayer, Bible stories and Christian meditation, according to the app’s download page. “It has been incredibly popular since launching in 2016,” vpnMentor said in a research note.

“Pray.com’s developers failed to properly secure vast amounts of data collected from the app,” vpnMentor said, potentially exposing users to fraud and online attacks.

MASSIVE LIST OF WISCONSIN VOTER DATA CIRCULATING ON CYBERCRIMINAL FORUM, RESEARCHER SAYS

The researchers said they discovered four misconfigured Amazon Web Services (AWS) S3 buckets and identified Pray.com as the owner.

That resulted in “many of the files stored within them [being] publicly accessible to anyone with access to the bucket’s URL (easily obtained),” vpnMentor explained. “Through further investigation, we learned that Pray.com had protected some files, setting them as private on the buckets to limit access.” 

AWS S3 buckets are a popular cloud storage solution for many apps and websites, but users must set their own security protocols, vpnMentor said.

The researchers added they have no way of verifying whether data has actually been leaked. “We have no evidence – and no way of knowing – whether the data in our reports has been accessed or leaked by anyone else; only the database owner can know that,” the cybersecurity firm said.

“We don’t know if anyone has actually accessed data and downloaded it,” Ran Locar of vpnMentor’s research team told Fox News in a phone interview. Locar, along with Noam Rotem, led the research team that looked into the data exposure.

The company’s attempts to contact Pray.com. were unsuccessful. “After our first two attempts at contacting Pray.com failed to elicit a reply, we contacted AWS directly to notify them…but there remains no evidence that the [Pray.com] has attempted to resolve the issue,” vpnMentor said.

Fox News has contacted Pray.com but has not yet received a response.

Amazon’s AWS is not responsible for the server misconfigurations cited above, vpnMentor said.

What makes a leak like this dangerous is “most of the people affected don’t even know…they didn’t agree to have their data exposed,” Locar said, adding that user data sometimes contains PIN numbers and credit card numbers among other very sensitive data.

“That stuff also got grabbed and sent to their servers,” Locar added.

“[This is] a very strong privacy lesson,” Locar said. “If an app is asking for permission, it will grab the data and the data is no longer in your control.” 

“When using an app on any device, carefully review the permissions it’s requesting and find out for what purpose they’re needed. If an app asks for access that doesn’t make sense, you can refuse,” vpnMentor said in the research note. 

CLICK HERE TO GET THE FOX NEWS APP

Read More

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest article

Rittenhouse attorney says judge granted request to be allowed on case

A California-based attorney who represents Kyle Rittenhouse, the Illinois teen charged with killing two people and wounded a third during a summer protest in Kenosha, Wis., said Monday that a judge will allow him to appear in court on behalf of his client. John Pierce, of Los Angeles, needed permission to appear in a Wisconsin courtroom as…

‘Squad’ members says Rahm Emanuel ‘should not be considered’ for any role in Biden administration

Members of the progressive "squad" are insisting that former Chicago Mayor Rahm Emanuel not join the next administration in any capacity, including for a less visible role than what President-Elect Biden's team was originally considering."What is so hard to understand about this?" Rep. Alexandria Ocasio-Cortez, D-N.Y., tweeted Monday. "Rahm Emanuel helped cover up the murder of Laquan McDonald.…

Deployed dad surprises family in heartwarming reunion, meets son for first time at Patriot Awards

 An Army captain had an emotional reunion with his family after a surprise return from a deployment to the Middle East.Captain John J. Klein III,  a U.S. Army Signal Company Commander for the 34th Expeditionary Combat Aviation Brigade, was nominated for Fox Nation's Patriot Award for the Modern Warrior at this year's second annual Patriot Awards, which honor everyday American heroes.Klein's wife, Veronica, and three children -- including…

Professor offers to cook Thanksgiving meal for students alone on holiday

A college professor in Iowa went viral online after she offered Thanksgiving meals to any kids who can’t go home for the holidays because of the coronavirus pandemic."My email offer to make a few extra Thanksgiving meals would probably have been greeted by an – ‘oh that's nice’ fleeting thought last year," Liz Pearce, a communications…

WATCH: NY business owners demand warrant when health inspector barges inside over Cuomo COVID restriction

A group of New York business owners on Friday could be seen having a tense confrontation with sheriff’s deputies and a county health inspector over Gov. Andrew Cuomo’s coronavirus restrictions, in a viral video that made the rounds online over the weekend.The video, shared on a blog post by Tim Walton, shows Erie County sheriff’s…