As reported by TechRadar, an investigation by The Washington Post has revealed that Whisper (a social media platform that’s core focus is to allow its users to anonymously share secrets ) left the information of nearly 900 million users exposed to anyone that wanted to view it, located in a database that wasn’t password protected and was accessible by the public. The database contained a variety of compromising user details that are tied to each ‘whisper’ (the platform’s name for a post), including sexual orientation, gender, age, ethnicity, nickname, place of work and the location data for the user’s last post.
Whisper\’s failure to protect its online database has opened this secret-sharing app\’s 900 million users up to some serious trouble. Due to the sensitive nature of the compromised customer data, Whisper\’s users are now prime candidates for blackmail and account takeover fraud, where a hacker could use this stolen information to access other accounts, posing a problem for other businesses that could fall victim as a result.
Until organizations stop relying on outdated verification methods, we can expect to see this same vicious cycle to continue. It is vital that organizations turn to biometric authentication, which is significantly more secure, reliable, and delivers a much higher level of assurance. Leveraging biometrics will protect the next generation of consumers while avoiding the same basic security pitfalls that are fueling the fraud epidemic plaguing enterprises and consumers alike.
If companies are still leaving data online, unprotected without a password, they should face the consequences of their actions. Sensitive information should be considered their most valuable asset and requires constant monitoring for its security.
Such information as ‘nickname’ could even pose a risk with answering basic “forgotten password” security questions, should criminals want to gain access to accounts when requesting new passwords. Criminals can do a lot of damage with such information and this should not be taken lightly.