Lorenzo Franceschi-Bicchierai reports:
An Android app with more than 10 million downloads left users’ selfies, pictures, audio messages, and other sensitive data exposed online for all to see. The app, called Drupe, was once named a “Google Play Editor’s Choice.”
[…]
But its developers made a huge mistake. Until this week, Drupe users were unknowingly uploading some of their data to unprotected and unauthenticated servers on Amazon Web Services. This meant that anyone who knew where to look could access Drupe’s users pictures, audio messages, and potentially more.
Read more on Motherboard.
h/t, Joe Cadillic