Whisper, an app for people to share their secrets, exposed user data like age, location, and more for years.
The records were viewable on a non-password-protected database open to the public Web. A Post reporter was able to freely browse and search through the records, many of which involved children: A search of users who had listed their age as 15 returned 1.3 million results.
The cybersecurity consultants Matthew Porter and Dan Ehrlich, who lead the advisory group Twelve Security, said they were able to access nearly 900 million user records from the app’s release in 2012 to the present day.
You can never be 100% secure but at least put a damn password on your server.
Check It Out: Careless ‘Whisper’ Leaks Years of User Data