How to Protect Your Personal Data From Google Firebase Leak

Posted on by

It looks like about 24,000 apps on the Google Play store may have caused a data breach. Unlike Play Store malware and scams, which we often cover, which actively steal or disseminate information about users, these apps accidentally leak data due to a poorly configured Google Firebase, one of the most widely used platforms for developing Android apps.

Firebase is used by almost a third of all Play Store apps; According to a Comparitech study , about 4.8% of these applications – about 24,000 – store your data in improperly secured databases. These insecure databases include a ton of personal information such as your email address, username, password, full name, phone numbers, copies of chat messages, street addresses, IP addresses, GPS data, credit card details, and more. and also databases can be accessed. with just a quick Internet search. Google is removing Firebase databases from search results, but they can be found using other search engines such as Bing.

While 24,000 apps may seem like a small part of the huge Play Store library, the Comparitech team found that many of the holey apps are quite popular, with 4.22 billion shared downloads of apps they tested, the most popular being games and educational apps. With numbers so high, it is possible that the application you were using has some of your data stored in an easily searchable database.

How to prevent your data from leaking through Google Firebase

Unfortunately, the only way to completely prevent data leaks for every app developer is to update the Firebase storage configuration; other than not using these apps (which are not explicitly listed by Comparitech or elsewhere), there is little you can do to stop it.

However, you should use the same preventive measures as if you were worried about malicious Android apps, which you should also do :

  • Create unique passwords for all your accounts and use an encrypted password manager to keep them safe (and take the burden of remembering them all or storing them insecurely).
  • Minimize general data and personally identifiable information. This includes contact information such as your name, address and personal email / phone numbers; any financial or payment information; and other user data such as your GPS and web browser history.
  • Don’t link your apps and accounts together unless you need to. This is handy, but having all the access connected to it makes it much easier to hack multiple accounts.
  • Check downloadable apps. Comparitech recommends that you only download apps from trusted and trusted publishers with high user ratings and a lot of downloads, but keep in mind that these can be misleading too. Take time to read reviews, check what permissions the app is asking for , and find more information on your favorite search engine or web community before installing anything.
  • Use reliable anti-malware and anti-virus applications . While this will not necessarily prevent the Google Firebase vulnerability from exposing your data, a good antivirus / antimalware application will reduce the chances of malicious files and software downloading onto your device.

[ Comparitech ]

More…

0
Android

Leave a Reply