More than 100 million Android users are at risk after 23 different mobile apps were found to leak personal data in the wake of rampant cloud misconfigurations. The data was accessible from real-time databases in 13 of the apps, whose download numbers range from 10,000 to 10 million. Push-notification and cloud-storage keys were embedded in a number of Android applications, which put developers own internal resources, such as update mechanisms, storage and more, at risk. The depth of the data at risk across the apps could be possible, from using credentials against other accounts to social engineering and fraud/identity theft, researchers said.
Source: https://threatpost.com/100m-android-users-cloud-leaks/166372/