On the 6th of this month security firm, viaForensics done some testing on a number of popular iOS and Android tests and revealed that Netflix, LinkedIn and FourSquare apps all stored user account passwords unencrypted.
Since the announcement was made, FourSquare acted and updated its app to obscure users’ passwords, however, other data such as search history was still vulnerable.
While these three apps were the big brands, other apps, such as the iOS edition of Square which stores signatures, transaction amounts and the last four digits of credit card numbers, was found to do this unencrypted.
Although it may take some effort to steal this data, it is quite possible to do so by experienced hackers. Seasoned programmers can easily create some malware to harvest this information automatically when installed on a handset.
We surely hope that these companies would take action in patching these security loopholes.
image source Engadget
