Data Breach Report: Popular Digital Wallet App Key Ring Exposes 14 Million Users

Led by Noam Rotem and Ran Locar, vpnMentor’s research team of ethical hackers, recently discovered a data leak by the popular app Key Ring, that compromised the privacy and security of their 14 million users. Key Ring allows users to upload scans and photos of membership and loyalty cards onto a digital folder on one’s phone. However, many users also use it to store copies of IDs, driver licenses, credit cards, and more. A misconfigured Amazon Web Services (AWS) S3 bucket owned by the company exposed these uploads and revealed their owners’ private data. During the team’s investigation, they also found four additional unsecured S3 buckets belonging to Key Ring, exposing even more sensitive data as they were publicly accessible to anyone with a web browser.

Spotlight

Reducing the operational risks of IT/OT connectivity entails a different number of challenges, like building threat detection capabilities for OT environment without causing operational risks, or understanding security events, their impact on OT environments and focus on what really matters. Adding to this, the general lack of r


Other News

Dom Nicastro | April 03, 2020

Read More

Dom Nicastro | April 03, 2020

Read More

Dom Nicastro | April 03, 2020

Read More

Dom Nicastro | April 03, 2020

Read More

Spotlight

Reducing the operational risks of IT/OT connectivity entails a different number of challenges, like building threat detection capabilities for OT environment without causing operational risks, or understanding security events, their impact on OT environments and focus on what really matters. Adding to this, the general lack of r

Resources