Home / Technology / AI Apps Leak 730 Million TB of Data
AI Apps Leak 730 Million TB of Data
3 Feb
Summary
- Over 730 million terabytes of data were exposed, including financial information.
- Many AI apps use insecure hardcoding for sensitive data, leaving them vulnerable.
- 81 percent of leaked secrets related to Google Cloud, enabling third-party access.
A staggering 730 million terabytes of data, including sensitive financial details, have been exposed through vulnerabilities in AI applications available on the Google Play Store. The primary cause identified is the widespread use of insecure "hardcoding" techniques, where crucial information such as API keys and passwords are not properly encrypted and are instead embedded directly within the app's source code.
Research indicates that approximately 72 percent of analyzed AI apps contained at least one hard-coded secret. Alarmingly, 81 percent of these discovered secrets were associated with Google Cloud projects, potentially allowing third parties unauthorized access to Google services and opening avenues for automated attacks. This problem is particularly prevalent in newer AI applications rushed to market due to intense competition in the rapidly evolving field.
While the focus is on Google Play Store AI apps, the investigation also uncovered a significant amount of leaked data belonging to Facebook clients. In total, the research team analyzed 1.8 million Android applications to identify these extensive security flaws.
