• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Uber data breach shows apps may not be able to protect your information

Uber data breach shows apps may not be able to protect your information

  • Posted on:February 29, 2016
  • Posted in:Industry News
  • Posted by:
    Noah Gamer
0
Are your apps as secure as you think they are?

The world has gone mobile. With 68 percent of Americans owning a smartphone of some kind according to the Pew Research Center, staying connected on the go has obviously become a major part of everyday life. But there is a dark side to the mobile revolution.

Apps, which have moved themselves to the center of smartphone engagement, aren't as secure as some people might think. In fact, Uber's trouble with the state of New York has highlighted the security woes many modern apps face. The ride sharing giant was ordered to pay a $20,000 penalty for a data breach that leaked the names and license plate numbers of more than 50,000 drivers. 

Many apps just aren't secure enough

Trend Micro researchers have known for some time many apps don't offer the data security most people thing they do. To begin, many free apps collect information from the user such as their contact lists and location. This data is sold to advertisers, who then place ads on the app when the person attempts to use it. 

While this is bothersome enough on its own, the real problem stems from the fact that these third party advertisers can't exactly be trusted when it comes to the security of your data. You don't know who they are, and if a data breach ever occurs at one of these organization that has access to your information, it can be incredibly hard to follow the bread crumbs back to the advertiser. 

It's not all bad news

Thankfully, there is a good section of the population that knows just how dangerous having their data flapping in the wind can be. A study posted on eMarketer found that 52 percent of mobile device users have deleted an app due to a lack of security or privacy.

While this isn't a wide majority, what it shows is that people are beginning to grasp the gravity of the situation. It would certainly be better to see that number grow in the coming years, but at least a large portion of users know that their data is incredibly valuable.

What all this means is that it's on the user to make sure that their information is kept safe. If a person wishes to download a free app, they should take the time to read over the terms and conditions to make sure their data isn't up for grabs the moment they hit accept. 

Security experts recommend that users educate themselves about their data, especially through programs such as PrivacyGrade.org. This organization works to teach people about the kind of information different apps require, even giving grades to popular apps based on what data is required from their users. 

What's more, smartphone users now have the unique opportunity to download an app that actually monitors other apps used on the device. MyPermissions allows people to receive an alert whenever an app accesses sensitive data on their phone. When this message pops up, the user then has the ability to "revoke permissions immediately," meaning the person can instantly stop the trouble maker from ever accessing their private information again. MyPermissions has done extremely well on both the iTunes store as well as on Google Play. Considering the fact that it's completely free and never stores or uses personal data, apps like this should play a major role in every person's privacy strategy. 

Trend Micro has also developed the Mobile Security system for Android users worried about the security of their device. Aside from backing up contact lists and helping the user find his or her lost device, Mobile Security also has a Privacy Scanner. Much like MyPermissions, this application scans activity to determine if an apps is accessing information that it shouldn't.

A gaming app certainly doesn't need access to your contact list, and such an event would trigger a Privacy Scanner warning for the user. What's more, the app also categorizes threats into three warning labels; high, medium and low risk. This lets the user know exactly how concerned they should be about a certain app's activity. 

Staying informed and knowing where your data is located is the best way to protect sensitive information. There are simply too many people out there trying to utilize private data to their advantage to ignore the risk, and forgetting a smartphone is just as much a computer as a desktop is a dangerous mistake to make. 

Related posts:

  1. Protect your Mobile Devices from Malicious Apps
  2. Protect Yourself Against Fake Banking Apps with Trend Micro Mobile Security for Android
  3. Uber: How Not To Handle A Breach
  4. SEC breach response shows willingness to lead by example (op/ed)

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.