San Francisco: Whisper App — the proprietary Android and iOS mobile app, which lets people anonymously post confessions and secrets, has exposed data of millions of users. The data included their intimate messages, fetishes, workplaces, locations and other personal information.
A reporter was able to freely browse and search through the records, many of which involved children: A search of users who had listed their age as 15 returned 1.3 million results, The Washington Post originally reported on Tuesday.
The Whisper App left the information of nearly 900 million users exposed to anyone that wanted to view it, located in a database that was not protected by passwords and was open to the public.
However, the database of users did not contain real names but tied anonymous whispers to “a user’s stated age, ethnicity, gender, hometown, nickname and any membership in groups, many of which are devoted to sexual confessions and discussion of sexual orientation and desires, according to the CNET.
According to security researchers Matthew Porter and Dan Ehrlich, who run the firm Twelve Security, the Whisper App’s database comprised the user records from the app’s release more than eight years to the present day.
The researchers had reportedly said that they informed Federal Law Enforcement of the situation, as well as the Whisper App, before reaching out to The Washington Post.