Popular travel apps are exposing sensitive data of millions of users, report

Ali Qamar  - Cybersecurity Analyst
Last updated: October 15, 2023
Share
Popular travel apps have server-side security vulnerabilities PS report
  • PrivacySavvy tested the servers-side security of more than 20 of the world’s leading travel apps.
  • 105 million users are impacted by the sensitive data exposure of these applications.
  • Some basic security measures can let the databases’ owners, apps, avoid any such potential sensitive data exposure.

Many of the widely-used ride-sharing and other travel apps out there have major server-side security vulnerabilities. PrivacySavvy research team discovered a group of travel apps leaving their servers completely open and accessible, ultimately exposing private user data for anyone to see. Most of the apps are leaking data through their subdomains, and the exposed data posed a risk to many parties.

Led by Sarmad khan and Huynh Chen, in first-of-its-kind research, PrivacySavvy tested the security of over 20 of the world’s leading travel apps to understand how they manage users’ privacy and security risks. Unfortunately, most of them failed.