Thousands of accounts affected by security vulnerability at Zapptales
The problem apparently existed for over a year. However, according to the start-up, the vulnerability was never exploited.
The start-up Zapptales had a security vulnerability for over a year. According to information from the Spiegel chat histories, media from the chats, the PDFs of the chat books and the email addresses and postal addresses of around 69,000 customers were affected. Two hours after the report, the company blocked access to the data and released a new version the next day. However, the vulnerability was never exploited, according to Zapptales.
The Zerforschung group discovered the security vulnerability and reported it to the Federal Office for Information Security and the Bavarian state data protection authority. The developers of the app had included the access keys to the databases in which the chat histories, media and customer data are stored in the source code. This could have allowed hackers to gain access to the data.
Zapptales converts chat histories from WhatsApp, Facebook Messenger, Instagram, Telegram, iMessage and Threema into bound books. Voice messages and videos can be played via a QR code printed in the book. The start-up was founded in 2015 by Anna Kimmerle-Hürlimann and Daniel Vicen Renner.
Newsletter
Startups, stories and stats from the German startup ecosystem straight to your inbox. Subscribe with 2 clicks. Noice.
LinkedIn ConnectFYI: English edition available
Hello my friend, have you been stranded on the German edition of Startbase? At least your browser tells us, that you do not speak German - so maybe you would like to switch to the English edition instead?
FYI: Deutsche Edition verfügbar
Hallo mein Freund, du befindest dich auf der Englischen Edition der Startbase und laut deinem Browser sprichst du eigentlich auch Deutsch. Magst du die Sprache wechseln?
