Techly NewsGet the app

Get the latest tech news

Fertility tracker Glow fixes bug that exposed users’ personal data


The fertility tracking app fixed a leaky API, which a researcher said exposed users’ first and last names, age group, and self-described location.

“I basically had my Android device hooked up with [network analysis tool] Burp and poked around on the forum and saw that API call returning the user data. That’s where I found the IDOR,” Liber said, referring to a type of vulnerability where a server lacks the proper checks to ensure access is only granted to authorized users or developers. “I think that is a pretty big deal,” Eva Galperin, the cybersecurity director at the digital rights non-profit Electronic Frontier Foundation, told TechCrunch, referring to Liber’s research.

Get the Android app

Or read this on TechCrunch

Read more on:

Photo of users

users

Photo of personal data

personal data

Related news:

News photo

Threads begins rolling out Trending feature to users in the US

News photo

Google offers discounted Pixel Watch replacements to out-of-warranty users

News photo

Your personal data is political: Computer scientists find gaps in the privacy practices of campaign websites

« 5 Steps to Improve Your Security Posture in Microsoft Teams
Mindy gets backing from Sequoia to build an email-based AI assistant »