Wish list app from Target springs a major personal data leak
The next time a friend or family member asks you to install a gift-registry app, remember this: the app is almost certainly soaking up lots of your personal details. In the case of one such app from retailing giant Target, it’s more than happy to make those details public. Witness the following:
Update Tuesday 10:10 p.m. California time: A Target spokeswoman said elements of the app have been suspended while developers investigate.
According to researchers from security firm Avast, the database storing the names, e-mail addresses, home addresses, phone numbers, and wish lists of Target customers is available to anyone who figures out the app’s publicly available programming interface. In a blog post published Tuesday, they wrote:
Continue reading here: