WEBCAM APPLICATION’S DATA LEAK EXPOSED
A San Francisco based security researcher finds and exposes the database of Adorcam. It is a leading webcam service provider. He finds out large amount of data leak. The Adorcam user database contains around124, 000,000 rows of data. This rate data ranges for thousands of users.
Category of data exposed:
- Live locations and it details
- Details about the Wi-Fi network
- Microphone and camera status
- Personal information of the webcam user. This information also includes email addresses, phone numbers, and other sensitive data.
Detailed Report of the data breach and probable threats:
Security researcher Justin Paine reveals that the data of the webcam application Andorcam is left unprotected and exposed on the Internet. Neither their was encryption nor did the data have password. Anyone on the Internet could access it.
This app also provides a peer to peer connection (P2P)to many brands dealing in web cameras including Umino and Zeeporte.
As per Paine’s report, “The leaked data includes user email addresses, hashed passwords, Wi-Fi network name, and potentially images captured by the web cameras.”
Data received from the Google play store reveals that this web camera application has approximately 10,000 installations in the Android version. Although, the picture of its popularity in the iOS version is unclear.
According to Paine, “The information leaked in this database could easily be used for a very convincing social engineering attack. Someone could approach any of the customers in this database,”.
“The attacker will also have geographic information to launch a targeted attack in the user’s native language”, as noted by the security research.
Paine when first discovered this, he verified that the user data was instantly updated. Just by signing up, this can be done.
How will you secure your account?
Whether or not you are an Adorcam user, no way you should let your guard down. It’s high time that you tighten the account security.
A data leak can lead to big term loss. So here are some actions you can take:
- Reset your password: Timely reset your passwords and use a more secure one. It is always safer to use a combination of alphabets, numbers, and symbols.
- Do not use the same password across multiple platforms: Although it is easier to manage accounts with the same passwords but not safe. Use unique passwords. This ensures safety of other accounts. You will not have to compromise with the safety of other accounts.
- Two-factor authentication: Using 2FAadds extra protection layer to the security. This makes it difficult for the attacker to breakthrough.