McDelivery, McDonald's India application, was allegedly leaking personal data - including name, email addresses, phone number, home address, home co-ordinates and social profile links - for as many as 2.2 million of its users, according to Fallible, a cyber security company. In the blog post, Fallible says that it had contacted McDonald's on the 4th of February 2017, received an acknowledgement from a Senior IT Manager at the company on the 13th of February, but as of the 18th of March, McDonald's had still not fixed the application, and at the time that Fallible disclosed the vulnerability online, they hadn't received an update from the company. The issue, according to Fallible, was "An unprotected publicly accessible API endpoint for getting user details coupled with serially enumerable integers as customer IDs can be used to obtain access to all users personal information." This is probably not what McDonald's had in mind when they wrote in their McDelivery app description: "We may disclose certain personally identifiable information, to third party service providers, listed below - - information you provide us such as name, email, mobile phone number. - information we collect as you access and use our service - device information, location and network carrier." A subsequent statement issued by McDonald's India (South and West), also sent to MediaNama, the company has clearly not denied that this information is being leaked by the application, and only points out that financial information (credit card details, wallet passwords or bank account information) is not…
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
News
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
Advert
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
News
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...
News
Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...