Robson Fletcher reports:
Personal information belonging to more than 17,000 users of the private proof-of-vaccination app Portpass is still unsecured and visible online — including, in some cases, photos of drivers’ licences and passports — despite assurances from the company that its data-security problems have been fixed.
The Calgary-based smartphone app was temporarily taken offline in late September after CBC News initially reported that users’ data was unsecured and accessible on the internet to anyone who knew where to look.
Read more on CBC.
The app’s CEO’s response to news that the app was STILL insecure and exposing personal information is incredibly troubling. When contacted by CBC, Portpass CEO Zak Hussein reportedly said he had no idea the users’ records were still accessible.
“Maybe we need to just take down this app, because there’s just all this going on and it’s not worth it,” he said. “I mean, I haven’t even made a dollar on this.”
By now, there are certainly alternatives, but what does the CEO’s response tell us about how seriously — or not seriously — he takes security and privacy?